urlscan.io logo urlscan.io
SecurityTrails logo

www.btolat.com Open in urlscan Pro
2606:4700:3038::6815:eb96  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.btolat.com/
Submission: On February 02 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 73 IPs in 4 countries across 56 domains to perform 365 HTTP transactions. The main IP is 2606:4700:3038::6815:eb96, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.btolat.com.
TLS certificate: Issued by GTS CA 1P5 on January 10th 2024. Valid for: 3 months.
This is the only time www.btolat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
76 2606:4700:303... 13335 (CLOUDFLAR...)
25 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2a03:2880:f03... 32934 (FACEBOOK)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f13... 32934 (FACEBOOK)
10 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 108.138.128.28 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2600:9000:21e... 16509 (AMAZON-02)
32 2620:100:a001::4 19750 (AS-CRITEO)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 2a04:4e42::485 54113 (FASTLY)
5 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
2 18.208.240.47 14618 (AMAZON-AES)
9 68.71.249.118 46562 (PERFORMIVE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
21 2607:f8b0:400... 15169 (GOOGLE)
4 2600:9000:21d... 16509 (AMAZON-02)
1 6 2620:116:800b... 14618 (AMAZON-AES)
2 2 68.67.160.76 29990 (ASN-APPNEX)
3 3 162.248.18.32 62713 (AS-PUBMATIC)
3 5 142.250.65.194 15169 (GOOGLE)
1 1 162.248.18.37 62713 (AS-PUBMATIC)
1 1 8.28.7.84 62713 (AS-PUBMATIC)
1 2 104.18.36.155 13335 (CLOUDFLAR...)
4 5 3.225.218.10 14618 (AMAZON-AES)
1 1 2607:f350:3:2... 27630 (AS-XFERNET)
1 1 8.39.36.142 26667 (RUBICONPR...)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 1 8.2.110.161 46636 (NATCOWEB)
2 2607:f8b0:400... 15169 (GOOGLE)
12 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:21d... 16509 (AMAZON-02)
1 74.119.119.129 19750 (AS-CRITEO)
4 35.244.159.8 396982 (GOOGLE-CL...)
1 198.148.27.131 19189 (PULSEPOINT)
1 2602:803:c002... 26667 (RUBICONPR...)
1 104.36.115.111 62713 (AS-PUBMATIC)
5 34.149.20.76 15169 (GOOGLE)
4 2620:100:a001::3 19750 (AS-CRITEO)
4 2620:100:a001... 19750 (AS-CRITEO)
4 74.119.119.147 19750 (AS-CRITEO)
33 2620:100:a001::9 19750 (AS-CRITEO)
8 2620:100:a001... 19750 (AS-CRITEO)
1 3 151.101.130.49 54113 (FASTLY)
1 3.225.68.245 14618 (AMAZON-AES)
1 2602:803:c002... 26667 (RUBICONPR...)
4 151.101.194.49 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
2 23.56.163.106 16625 (AKAMAI-AS)
2 72.21.81.64 15133 (EDGECAST)
7 52.23.212.13 14618 (AMAZON-AES)
1 23.1.197.91 16625 (AKAMAI-AS)
1 2 34.201.247.102 14618 (AMAZON-AES)
1 68.71.249.120 46562 (PERFORMIVE)
1 23.48.224.142 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.64.174.12 16509 (AMAZON-02)
6 7 8.43.72.97 26667 (RUBICONPR...)
1 2607:f8b0:400... 15169 (GOOGLE)
5 23.56.162.52 16625 (AKAMAI-AS)
2 4 52.46.130.91 16509 (AMAZON-02)
7 12 8.43.72.98 26667 (RUBICONPR...)
2 3 15.197.193.217 16509 (AMAZON-02)
1 1 2600:1f18:4e9... 14618 (AMAZON-AES)
2 3 52.95.126.138 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 2 52.87.41.151 14618 (AMAZON-AES)
1 104.117.182.208 20940 (AKAMAI-ASN1)
1 1 52.71.32.125 14618 (AMAZON-AES)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 147.75.198.144 54825 (PACKET)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
1 1 2600:9000:23c... 16509 (AMAZON-02)
1 1 2600:9000:26f... 16509 (AMAZON-02)
1 18.173.219.12 16509 (AMAZON-02)
2 52.73.58.116 14618 (AMAZON-AES)
1 2 35.244.193.51 396982 (GOOGLE-CL...)
365 73
76    2606:4700:3038::6815:eb96 (United States)

ASN13335 (CLOUDFLARENET, US)
www.btolat.com
static.btolat.com
img.btolat.com
25    2607:f8b0:4006:820::2002 (United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2607:f8b0:4006:80f::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a03:2880:f03f:1c:face:b00c:0:3 (Düsseldorf, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2606:4700::6812:d841 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.izooto.com
nhwimp.izooto.com
1    2606:4700:3035::6815:5277 (United States)

ASN13335 (CLOUDFLARENET, US)
pahtuo.tech
2    2a03:2880:f13f:83:face:b00c:0:25de (Düsseldorf, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
10    2607:f8b0:4006:821::200e (United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    2607:f8b0:4006:817::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:3033::6815:5ea5 (United States)

ASN13335 (CLOUDFLARENET, US)
palibzh.tech
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    108.138.128.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-28.jfk50.r.cloudfront.net
tags.crwdcntrl.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2600:9000:21ea:7a00:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
connectid.analytics.yahoo.com
32    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
5    2607:f8b0:4006:80e::2001 (United States)

ASN15169 (GOOGLE, US)
19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
7    2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    18.208.240.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-240-47.compute-1.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
9    68.71.249.118 (United States)

ASN46562 (PERFORMIVE, US)
udmserve.net
5    2607:f8b0:4006:809::2001 (United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2607:f8b0:4006:80c::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
21    2607:f8b0:4006:81c::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2600:9000:21da:e000:5:c4ab:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
bid.underdog.media
6    2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
2    68.67.160.76 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
3    162.248.18.32 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
5    142.250.65.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net
cm.g.doubleclick.net
1    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
5    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    2607:f350:3:2569:0:10:0:d (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
1    2603:c020:400d:3000:b5b3:7157:5b47:80e4 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    8.2.110.161 (United States)

ASN46636 (NATCOWEB, US)
cm-x.mgid.com
2    2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
12    2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2600:9000:21dd:ec00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com
bidder.criteo.com
4    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
underdogmedia-d.openx.net
1    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bid.contextweb.com
1    2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
4    2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)
rtb.va.us.criteo.com
4    2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)
ads.us.criteo.com
4    74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)
cat.va.us.criteo.com
33    2620:100:a001::9 (United States)

ASN19750 (AS-CRITEO, US)
imageproxy.us.criteo.net
8    2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)
csm.us.criteo.net
3    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
displayf-tm.everesttech.net
rtd-tm.everesttech.net
1    3.225.68.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-68-245.compute-1.amazonaws.com
rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net
1    2602:803:c002:200::64 (United States)

ASN26667 (RUBICONPROJECT, US)
beacon-iad2.rubiconproject.com
4    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
statsf-tm.everesttech.net
1    2607:f8b0:4006:822::2006 (United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    23.56.163.106 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-106.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    72.21.81.64 (United States)

ASN15133 (EDGECAST, US)
playtime.tubemogul.com
7    52.23.212.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-212-13.compute-1.amazonaws.com
s.acexedge.com
1    23.1.197.91 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-1-197-91.deploy.static.akamaitechnologies.com
servedby.flashtalking.com
2    34.201.247.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-247-102.compute-1.amazonaws.com
viasat.demdex.net
1    68.71.249.120 (United States)

ASN46562 (PERFORMIVE, US)
PTR: underdogmedia.com
edge.udmserve.net
1    23.48.224.142 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-224-142.deploy.static.akamaitechnologies.com
ajs-assets.ftstatic.com
1    2606:4700::6811:3763 (United States)

ASN13335 (CLOUDFLARENET, US)
nh.iz.do
1    18.64.174.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-174-12.mia3.r.cloudfront.net
agen-assets.ftstatic.com
7    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2607:f8b0:4006:816::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
5    23.56.162.52 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-162-52.deploy.static.akamaitechnologies.com
cdn.flashtalking.com
stat.flashtalking.com
4    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
12    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    2600:1f18:4e9:5a02:c3c0:c85e:6285:3c96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
3    52.95.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    52.87.41.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-41-151.compute-1.amazonaws.com
match.prod.bidr.io
1    104.117.182.208 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-208.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    52.71.32.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-32-125.compute-1.amazonaws.com
sync.ipredictive.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    147.75.198.144 (Parsippany, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    2600:9000:23cb:d200:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
1    2600:9000:26fa:8c00:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    18.173.219.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-12.jfk52.r.cloudfront.net
sync1.intentiq.com
2    52.73.58.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-58-116.compute-1.amazonaws.com
ad-events.flashtalking.com
2    35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
Apex Domain
Subdomains		 Transfer
76 btolat.com
www.btolat.com
static.btolat.com
img.btolat.com — Cisco Umbrella Rank: 543672
2 MB
73 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
imageproxy.us.criteo.net — Cisco Umbrella Rank: 3202
csm.us.criteo.net — Cisco Umbrella Rank: 3277
866 KB
38 googlesyndication.com
19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
227 KB
30 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
283 KB
24 rubiconproject.com
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 4763
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
beacon-iad2.rubiconproject.com — Cisco Umbrella Rank: 1756
eus.rubiconproject.com — Cisco Umbrella Rank: 579
token.rubiconproject.com — Cisco Umbrella Rank: 477
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
33 KB
13 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 679
rtb.va.us.criteo.com — Cisco Umbrella Rank: 6801
ads.us.criteo.com — Cisco Umbrella Rank: 3179
cat.va.us.criteo.com — Cisco Umbrella Rank: 3347
189 KB
11 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
www.google.com — Cisco Umbrella Rank: 2
71 KB
10 udmserve.net
udmserve.net — Cisco Umbrella Rank: 3747
edge.udmserve.net — Cisco Umbrella Rank: 41007
11 KB
8 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 954
cdn.flashtalking.com — Cisco Umbrella Rank: 1296
ad-events.flashtalking.com — Cisco Umbrella Rank: 1404
stat.flashtalking.com — Cisco Umbrella Rank: 1445
68 KB
8 everesttech.net
displayf-tm.everesttech.net — Cisco Umbrella Rank: 7079
rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net — Cisco Umbrella Rank: 8706
statsf-tm.everesttech.net — Cisco Umbrella Rank: 5475
rtd-tm.everesttech.net — Cisco Umbrella Rank: 3124
6 KB
8 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1299
ssc.33across.com — Cisco Umbrella Rank: 3877
lexicon.33across.com — Cisco Umbrella Rank: 1517
7 KB
7 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801
5 KB
7 acexedge.com
s.acexedge.com — Cisco Umbrella Rank: 9190
49 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
455 KB
7 yahoo.com
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4267
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
11 KB
6 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 664
image2.pubmatic.com — Cisco Umbrella Rank: 912
image4.pubmatic.com — Cisco Umbrella Rank: 1237
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
2 KB
6 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1364
pixel.quantserve.com — Cisco Umbrella Rank: 1007
20 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 410
104 KB
5 izooto.com
cdn.izooto.com — Cisco Umbrella Rank: 17428
nhwimp.izooto.com
101 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
95 KB
4 openx.net
underdogmedia-d.openx.net — Cisco Umbrella Rank: 33973
1 KB
4 underdog.media
bid.underdog.media — Cisco Umbrella Rank: 27827
180 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
1 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1005
bcp.crwdcntrl.net — Cisco Umbrella Rank: 898
sync.crwdcntrl.net — Cisco Umbrella Rank: 853
13 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 880
sync1.intentiq.com — Cisco Umbrella Rank: 3054
2 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1105
523 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 501
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 555
1 KB
2 ftstatic.com
ajs-assets.ftstatic.com — Cisco Umbrella Rank: 1744
agen-assets.ftstatic.com — Cisco Umbrella Rank: 1473
28 KB
2 demdex.net
viasat.demdex.net — Cisco Umbrella Rank: 46315
1 KB
2 tubemogul.com
playtime.tubemogul.com — Cisco Umbrella Rank: 7280
31 KB
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1345
1 KB
2 gstatic.com
fonts.gstatic.com
31 KB
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497
1 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 490
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
307 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1495
556 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 740
451 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 906
493 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 773
650 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
514 B
1 iz.do
nh.iz.do — Cisco Umbrella Rank: 69056
596 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
48 KB
1 contextweb.com
bid.contextweb.com — Cisco Umbrella Rank: 4300
845 B
1 mgid.com
cm-x.mgid.com — Cisco Umbrella Rank: 4115
561 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1913
4 KB
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 976
642 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
897 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1833
8 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2253
1 KB
1 palibzh.tech
palibzh.tech — Cisco Umbrella Rank: 50371
103 KB
1 pahtuo.tech
pahtuo.tech — Cisco Umbrella Rank: 316623
4 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
92 KB
0 cognativex.com Failed
btolat-com.cognativex.com Failed
365 56
Domain Requested by
49 img.btolat.com www.btolat.com
33 imageproxy.us.criteo.net ads.us.criteo.com
32 static.criteo.net securepubads.g.doubleclick.net
ads.us.criteo.com
25 securepubads.g.doubleclick.net www.btolat.com
securepubads.g.doubleclick.net
www.googletagservices.com
19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
22 www.btolat.com www.btolat.com
21 tpc.googlesyndication.com www.btolat.com
19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
12 pixel.rubiconproject.com 7 redirects
12 pagead2.googlesyndication.com www.btolat.com
www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
10 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
9 udmserve.net securepubads.g.doubleclick.net
www.btolat.com
bid.underdog.media
8 csm.us.criteo.net ads.us.criteo.com
7 token.rubiconproject.com 6 redirects eus.rubiconproject.com
7 s.acexedge.com playtime.tubemogul.com
s.acexedge.com
7 www.googletagservices.com securepubads.g.doubleclick.net
19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
5 ssc.33across.com bid.underdog.media
5 ups.analytics.yahoo.com 4 redirects bid.underdog.media
5 cm.g.doubleclick.net 3 redirects
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 static.btolat.com www.btolat.com
5 connect.facebook.net www.btolat.com
connect.facebook.net
4 s.amazon-adsystem.com 2 redirects
4 statsf-tm.everesttech.net www.btolat.com
4 cat.va.us.criteo.com ads.us.criteo.com
4 ads.us.criteo.com 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
4 rtb.va.us.criteo.com www.btolat.com
19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
4 pixel.quantserve.com 1 redirects www.btolat.com
4 underdogmedia-d.openx.net bid.underdog.media
4 bid.underdog.media udmserve.net
bid.underdog.media
www.btolat.com
4 cdn.izooto.com www.btolat.com
cdn.izooto.com
3 stat.flashtalking.com
3 aax-eu.amazon-adsystem.com 2 redirects
3 match.adsrvr.org 2 redirects bid.underdog.media
3 image8.pubmatic.com 3 redirects
2 lexicon.33across.com 1 redirects
2 ad-events.flashtalking.com
2 capi.connatix.com 1 redirects
2 pixel.tapad.com 1 redirects
2 match.prod.bidr.io 2 redirects
2 cdn.flashtalking.com ajs-assets.ftstatic.com
2 rtd-tm.everesttech.net 1 redirects
2 viasat.demdex.net 1 redirects
2 playtime.tubemogul.com displayf-tm.everesttech.net
playtime.tubemogul.com
2 eus.rubiconproject.com www.btolat.com
eus.rubiconproject.com
2 rules.quantcount.com secure.quantserve.com
2 fonts.gstatic.com fonts.googleapis.com
2 ssum-sec.casalemedia.com 1 redirects www.btolat.com
2 secure.adnxs.com 2 redirects
2 secure.quantserve.com udmserve.net
2 www.google-analytics.com www.googletagmanager.com
2 www.facebook.com www.btolat.com
connect.facebook.net
1 nhwimp.izooto.com cdn.izooto.com
1 sync1.intentiq.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 prebid.a-mo.net
1 sync.ipredictive.com 1 redirects
1 hb.yahoo.net
1 px.ads.linkedin.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 www.google.com tpc.googlesyndication.com
1 agen-assets.ftstatic.com ajs-assets.ftstatic.com
1 nh.iz.do cdn.izooto.com
1 ajs-assets.ftstatic.com servedby.flashtalking.com
1 edge.udmserve.net bid.underdog.media
1 sync.crwdcntrl.net www.btolat.com
1 servedby.flashtalking.com www.btolat.com
1 s0.2mdn.net static.criteo.net
1 beacon-iad2.rubiconproject.com www.btolat.com
1 rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net www.btolat.com
1 displayf-tm.everesttech.net www.btolat.com
1 hbopenbid.pubmatic.com bid.underdog.media
1 fastlane.rubiconproject.com bid.underdog.media
1 bid.contextweb.com bid.underdog.media
1 bidder.criteo.com bid.underdog.media
1 cm-x.mgid.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 pixel-us-west.rubiconproject.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 image4.pubmatic.com 1 redirects
1 image2.pubmatic.com 1 redirects
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 connectid.analytics.yahoo.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 palibzh.tech pahtuo.tech
1 pahtuo.tech www.btolat.com
1 www.googletagmanager.com www.btolat.com
0 btolat-com.cognativex.com Failed www.btolat.com
365 93
Subject Issuer Validity Valid
btolat.com
GTS CA 1P5		 2024-01-10 -
2024-04-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-11 -
2024-02-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-14 -
2024-05-13		 a year crt.sh
pahtuo.tech
GTS CA 1P5		 2023-12-19 -
2024-03-18		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
palibzh.tech
GTS CA 1P5		 2023-12-12 -
2024-03-11		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-12-23 -
2024-03-22		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2024-01-22 -
2024-04-22		 3 months crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018		 2024-01-09 -
2024-07-04		 6 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
udmserve.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-30 -
2024-11-16		 10 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
underdog.media
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-31 -
2024-11-20		 10 months crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2023-12-25 -
2024-03-24		 3 months crt.sh
*.va.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-31 -
2024-05-01		 3 months crt.sh
*.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-12 -
2024-04-12		 3 months crt.sh
*.us.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-27 -
2024-03-22		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.tmogul.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2024-06-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.tubemogul.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-14 -
2024-06-13		 a year crt.sh
acexedge.com
R3		 2024-01-28 -
2024-04-27		 3 months crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-14 -
2024-09-14		 a year crt.sh
*.ftstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-10-22		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-04 -
2024-05-03		 a year crt.sh
ad-events.flashtalking.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-17 -
2024-09-03		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh

This page contains 23 frames:

Primary Page: https://www.btolat.com/
Frame ID: 18352AC6AFEA6FF23ACE489CBBF0C959
Requests: 161 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: A3BD1F5BD2247E180DED1BD113C43C0C
Requests: 1 HTTP requests in this frame

Frame: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F5517843DBE2AB636477E8ED7D52988C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuruS3TXSAmfUCNQd4QcEKscGjxWUPOX65387wPCN8sxqg3uwWX2kj4wPjkBahuNOW3N93CSTnXlyFIZ2BBWN30iDfawbguQh3eJc7-BUYiIl0hous9poympQcqtuL4sBRN1-bwvbcnOB5wGR93J2nFl6r3ttwLtOQrLx0b2RMnpdAbweYGDMb1ZbvH8u8B1f-GpDppRm9VfFw4kK9nZujd7r8_oyi8JUJVB28qjRnmyalxIRc7fc_7DPN94mOz8M_UDt2HAyWxWajW48tMV2jMV6kZMdYVjAP6ZyThYynoRvU9NBopqTQa-UREcAhKlkpaWTKjSZlJeu6xsYIHvscXPTzJFg&sai=AMfl-YQ--kAkOB6xbQzTbCjetK-_DsAD8OiKgEF6Ej8KP_d8SWZy6sr2okTRc_GHUvMXTWz9xUiciXM5LZIfVciroQcqBsuK9KMAzGm3jh9WVyCFk_ZDmEm8jPdAYg59fZuYmcUWK3xdn9xd9hbLykA_p8MO&sig=Cg0ArKJSzMFBVUfD-tRtEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 90B5E618A1E9A457788E8C1642378FAA
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu93VThgTD_4xCQcHVh8b5fp9QZS2nalZUvT7Fk0TVCrG_xlY-SxCvDIMfb_UjUEwRmYqNCxQ7UfAbHiZO8f2uYSq5z6SVcnfOpUiOvg-pti00yNDEO9bdSD32vVAlemkHtxoBa4rUdJCF955tDXQUT6xije_9Izjknf83JmRbgl6MnWOq5Qbud_PGoiFhvFzhNcu69xeYvnyLZ0nVuMl8rjH4QXFW3S6oFzBUTn4wA7WmrH1dR5CYuTfXZ1YsQzUs0DRhlcx2rdDT2h_oMdz69tHjFnrJx3uSqipdHuRs8BgVhBVqmtuJn6sE2GisOrzzJwn1ZAC6EWzrzcFqvXrGX7ddPWwWi&sai=AMfl-YR11ixncS6AyoDfmsSkdVDa6p411Y6G3T-pwUlB9LP2rh4bGs06dOy_9-UQ-kA3-rC953NNjCze7rSzNgL6rAwYV0xRynjZuwhCPvfrYgfMIt4a99LbZ1TRO98xlCE&sig=Cg0ArKJSzNQwi2JoMKK-EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 3C826FC1DC1EBEBC845A55853641ADF0
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs
Frame ID: 7AD496304C26CE2FC6A8C1D5F2528410
Requests: 16 HTTP requests in this frame

Frame: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C48BE8EF9EEF802491E506BBA2C425B7
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Frame ID: 7EC033444DF04AB00B6766A7E19733B6
Requests: 25 HTTP requests in this frame

Frame: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B327ECC233897FF0AF261928E8AD5FE0
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUcOiyn18qB8iAFC_qJjbE20mlMCmoGNLTtP724ukX__90hvvxP5L5OKfFuBrLQUQ3uOcNY0hUlm2NBViP8ukHNAxbV1_AShixAcQ6sV6QsrcfHpTYjgAlo7LZUW7S9M_rhW7uGzFc99IKFkj_klifNynZ33TydD-NwVwWYPIj1D5NBzEprAyh4VVIkZd5sCrZ7f6jDrZEtD4GMkPcCP8LEYd_j-h96m8KMNsa4vp2R5qFSU34cqXb6d60tnpYQwflct7gMdDGPs_qEoz8HsLCk0__sFb5imPpqp-Kliv53Xz8nimcPGyJBsFIP4SS-fRiBX1lgIwz881JiqFU8oYuzQ&sai=AMfl-YS2Cgcpc6YZ_ZjkwCYb4rbdDJstEl7uLioEQ79IsodpLRJoIdxeO8g_nGpGN58l2DUE-AEzhkpFMIuVbmXDfLOqYalHoXjmTVsgyNu0Rg4ta666TVww6TR_csnMSnjbx1yT_ciqB0n88T5PJJcr_V8&sig=Cg0ArKJSzEgByeeEqJUJEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: A5915E7C23D10E5CEFFD9C19FB3A32B5
Requests: 7 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAEfCoFWp7UAA5zomv4VspRXoN9UuPLTA&u=%7Cd8YE7lp2MNlmiFxvzOJUU3aC5m6R7edn08xbzANmhGA%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF00S5jcBMhVSK8OHs4Fq7mkJjQLH4ZhbkiN2nxJBuDYO8E-GgELuRcUzkZJOTuXQRt-JGCvooAmiP1kvOvhi3CHM4TxSXSLUBzySaDdUDvgi-4ZaUA3FeSc5WIH3cf3pX-U8a6K8CEK60o62DAsMiHwYQ5avO9askK0L-7a1-fo89ms1n2w-yRVwYhikhm9Xfm95C2rjM6NnrECF9xQJLmc4LYM-b479HY-m52Bm8BLEb4rO3N1BgS77ixR8jl5Gyup70583YHEvhT6QW2CpU_K5PZyiJBVtrWpg-f2i-kUJC8xkkGZDYQQysJxgj4b7aeicLnVkMA8lyasGP8czNdImPcX1HDGqUe6i0bCV05bhLBJT7EwtggrKcYIcSicavysHmKhhfCGvUY-KkgBFAgND3BNE5AswWEmSrzQK1KZDT5WuBPBCj20nukNu7EDYyIGtTVAS_RZxoMm1OjOFnWD6aUue0JFrq3eQDTl907859jOYvXRkd8F1Uy7h7FC45a2g9C_Ak2qk0ULv4x-B1BBJufzLbh2UluASuUKFjzogU1F4lr3Xu_w0rC697JV-zIvMhh35w1CKfI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC10gGfR69Zar4EdS96toPoue58A6cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmwJP0NUkj2qfBYV9Z9uvWfTVwULdsn3yXd_GF8vPSwzd50z7xuPomMYMBW06sHcjg3DlxBmJYBEX5D1SluPRSx1BDTs345G2j1WUZRi9-0KpPWskpgJ-IaBIlAghPsV0gnLlzmD2OOqkc1WOqmySvzCS59GMqeqmRHXebaq3Vq58wRil3dAsJM816AROLoLMqeFLgc5ic7bHhZeLsr3c5N7cxSLrkAHtv2DzE9-31XpAQJjkebIxrw57ND_Tfaq0B6NRKDWiLnvDFi-4FkmTiXZ1-678hWrkJ_gSKVSH3lLNy12EU4l1Ju-rCO9liHhqYJWKPOEhx70861DvyjRpe1FzZjQDi9tu7zNfD6tZJOG43G97ahgRqLN0F9Ew4AQBgAaPndjq5OuHoDagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY-4-604-NhAP6CwIIAYAMAeINEwjCz7rTj42EAxXUnloFHaJzDu7QFQGAFwE%26num%3D1%26sig%3DAOD64_2HAL6FoRCyUMfsfsRDwyib8WfECQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Frame ID: 992FE160652ECF0AD66E766C65F96088
Requests: 10 HTTP requests in this frame

Frame: https://static.criteo.net/html5/molekuleus/111152023/bof15-21-decision-retargeting/728x90/index.html
Frame ID: 7BC0180F645FB1353144AAD3079C060A
Requests: 5 HTTP requests in this frame

Frame: https://udmserve.net/udm/img.fetch?sid=16003;tid=1;dt=7;p=1;rri=1706892924950_560851_96.9.249.45;mid=47782;zzz=%5B47782%2C1706892924%2C%22Y49kZcOJ0fbNcgJJCsWMmw%22%5D;version=v2.23.3;cb=0.0690314087180901;qqq=18.315018315018314;session=1;style=slider;vis=visible;traffic_info=%7B%7D;
Frame ID: 1A8205D19064CDE8C735B1E317F97FDD
Requests: 5 HTTP requests in this frame

Frame: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A68533C16A4D26964529E30AF9B5C71E
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAKYv4FWrDvAAxmIS7ZZhNCFmmQFUA21Q&u=%7Cd8YE7lp2MNkAJ83Uyt9hSEVmBa2y3F6ibLcen4buHAU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LdtDSzqldr-7lYUj77qimBqCoAjiNo78ZbcEAguNo_fjTn0aWnPOgc2fGMiBQVFTlT7ylCF_v60jQ8pVf9Wgz10Z7Y9zW86158gXjbfWCqo0CwnSmpVVa6rup5J0vjZv9YMDgS59058AW8UWMKpNiap0Sg8Qmaoh4Dt7fVNgJvA_Km-HPV591Ki9M8fcUezdKt3fKv1Qf_l_zULbYEgT3C3eQhzJxAyECrtfGr8zceg3MrlieoK06i8Mzq1apSWzatpIC1vIuKrBLyQ3ibYqqvEvDalTN0OFsnnDZtaaP8mV3p9eDHt3LjhwUa2atYN9zYX7R_i_ECRcw7S4zz-AXiJYT70ravv9UqSesLKDA8BAPzCR4LGrNZnyhg9n1tjGVex1e1CxwlI_7pS_zSC4yEmea3jf2FSWVa2kAaVVDxQQ9VasanENGucKtZYyApUVKq1K_EM8PNrdRrj9tNsx1tQBJeecqyikMNv4FQdcoXZ-k-nO8fH1LilKJDHrJnx9j-omoZa0L7eyYlOpJXm7DcQPfDGdEbrDci4Qwuw7bQGov--SGL21ryI2LzN9unTMMe2BfPEHtfrjI2oxEG5OIcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSc0ofR69Zf7FKe_h6toPocyxkAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEnQJP0Oxr3_PZiBQ9-85E_M2r871jDXzb-FzPkFUw-wH7ovJVcPDXnCTpwW76rx0j0c6nCWHdrhTgbBqH44S5_OxYWHPpL8QBhUkjpzLLyFJrNuHUd2XujpNh30fuy6-eRw6hcPZ2ValuVVYBI317P8Rb4Ddf2Wg2i5b3JVIDpQga0kmFjA1ifB--cGEzASopcBtLXeGv0lUn6f_NV_QOIGJuOq5LR31jAxcrTR3VxqiqLxCQE492miEwla-VNCapFiBXlozG6fJUcgxVallSI_JbmDDE3nUIWfqE0VVXQrHDZIQFdAAA6dTkDdQDgrbAgYJqL9sKK4KgY_jrsLz8OTyii3TOnrmsVbgBV8zb3v72K7Gp62rHl5SBwjKa-BrgBAGABteH9b_eiobi2AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYzZu604-NhAP6CwIIAYAMAeINEwi087rTj42EAxXvsFoFHSFmDBLQFQGAFwE%26num%3D1%26sig%3DAOD64_3lBkJ-JhrK5pWIPNAstjT_t-dPVw%26client%3Dca-pub-5900327121854735%26adurl%3D
Frame ID: 6278413CBEB514DF062FCC007AD75D3D
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=na&co=us
Frame ID: 39704A0AB703A5D754B4DFAE3102D9BF
Requests: 19 HTTP requests in this frame

Frame: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20231031.js?auction_id=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1
Frame ID: B4489CBBD6E4025F007038A5C3DBF4AC
Requests: 17 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/imp/8/222396;8060576;201;js;AdobeAdCloud;OfficeHoursStatic728x90New8thJan/?ftx=&fty=&ftadz=&ftscw=&AdobeAMO=ef_id%3D%3A20240202115526%3Ad%26s_kwcid%3DAC!W7uJ0ub3JbEPGESXEk9f!4JlDTeb7owADca9yZoOE&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=about%3Ablank&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1&cachebuster=74094.15158247002
Frame ID: D53ADE77CA9BE7BF0B9FDFFD2A4EF5F7
Requests: 10 HTTP requests in this frame

Frame: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EA238F4BF7F5E96C8AB3FF1C3D5A01B5
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Frame ID: 4684D739BE8FC3F40172F9AE0A99C1F1
Requests: 25 HTTP requests in this frame

Frame: blob://https://www.btolat.com/8bfa139f-5c1b-4b13-833c-5ec1d9ee8d55
Frame ID: D7F75E306EBE5E49BE38845FB706CF9A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B4D6BA5188F016B4767424911DFD6F25
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 49D1A1915FEBEBAC4053FDFA888E6AB4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

بطولات

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.izooto\.\w+
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

365
Requests

92 %
HTTPS

45 %
IPv6

56
Domains

93
Subdomains

73
IPs

4
Countries

4770 kB
Transfer

10024 kB
Size

117
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 139
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.70549285 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.70549285 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=825646077963916831;cb=0.70549285
Request Chain 140
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.70549285 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.70549285&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTI4RjhFN0ItMzYyQi00Q0RBLTkyRkEtMUU0REQ5ODRCNzMz&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?cb=0.70549285&gdpr=0&p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3DE28F8E7B-362B-4CDA-92FA-1E4DD984B733&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://udmserve.net/udm/fetch.pix?pmid=E28F8E7B-362B-4CDA-92FA-1E4DD984B733
Request Chain 141
  • https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.70549285%3Bindx%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.70549285%3Bindx%3D&s=199174&C=1
Request Chain 142
  • https://ups.analytics.yahoo.com/ups/58806/sync?redir=true&cb=0.70549285 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58806/sync?redir=true&cb=0.70549285&verify=true HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-cIk61JpE2uIufrLyEHierO6tC1w5nRle~A
Request Chain 143
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.70549285%3Bsonobi%3D%5BUID%5D HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;cb=0.70549285;sonobi=4c4e4dda-0033-44eb-9fdd-e32c1471013c
Request Chain 144
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=24042&cb=0.70549285 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;magid=LS4VZ6EH-1C-750Y
Request Chain 145
  • https://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]%3Bcb%3D HTTP 307
  • https://udmserve.net/udm/fetch.pix?dt=1;sncr=5E15D2A62FC44EC58D52C87AC88A86C7;cb=
Request Chain 146
  • https://cm-x.mgid.com/4c7eda2d9428691cd8f54d15244a36a7.gif?ccpa=0&gdpr=0&redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bmgid%3D%5BUID%5D HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;mgid=54b342e9-8025-4e0a-b3a2-67c771470ec9
Request Chain 273
  • https://viasat.demdex.net/event?d_event=imp&d_src=1174107&d_site=672669&d_creative=4118350305&d_placement=2643516&d_campaign=727394 HTTP 302
  • https://viasat.demdex.net/firstevent?d_event=imp&d_src=1174107&d_site=672669&d_creative=4118350305&d_placement=2643516&d_campaign=727394
Request Chain 274
  • https://pixel.quantserve.com/seg/r;a=p-T1mksRPv1rGRh;rand=-2194766152732602051;redirecturl=https%3A%2F%2Frtd-tm.everesttech.net%2Fupi%2Fextseg%2Fpid%2FPYUnd1ve%3Fsid%3D!qcsegs HTTP 302
  • https://rtd-tm.everesttech.net/upi/extseg/pid/PYUnd1ve?sid=D HTTP 302
  • https://rtd-tm.everesttech.net/ct/upi/extseg/pid/PYUnd1ve?sid=D&_test=Zb0efgADG5EzbQBI
Request Chain 335
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WomJjm2FTSKEl7pUhl8oVQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WomJjm2FTSKEl7pUhl8oVQ
Request Chain 336
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LS4VZ6H9-1A-F8LC&ex=d-rubiconproject.com&status=ok
Request Chain 337
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://match.adsrvr.org/track/cmb/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=726b63e6-02f2-4558-b267-64b7d0483091&gdpr=0&gdpr_consent=&expires=30
Request Chain 338
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/wgopCWhF-9_3bKS5aaBBt8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_hNLsCBE2oJyMz_gi9OXKi3czVORkBxSNwVWmg--~A
Request Chain 339
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFkJLNFW40iDY2uW1iV9OAM&google_cver=1
Request Chain 340
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFM0Vlo2SDktMUEtRjhMQw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJFpVsti-qfR18UCZVVwHzE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFM0Vlo2SDktMUEtRjhMQw==&google_push=
Request Chain 341
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=yUe4UxrWRwSpM5H4tj56tw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=yUe4UxrWRwSpM5H4tj56tw
Request Chain 342
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS4VZ6H9-1A-F8LC
Request Chain 343
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDQ4ZTVlNjViYzEwMjc2YjQ1MGU4OGIwMWViYmI4MDExM2FkZGQ2Mw
Request Chain 344
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABSlE7Lej0AABNxUayRiw&expires=30
Request Chain 345
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LS4VZ6H9-1A-F8LC&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LS4VZ6H9-1A-F8LC&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS02eU5GcHBCRTJ1R3NmSmZDa3Z5RTdzRTdScEN2aG1JSn5B&ovsid=LS4VZ6H9-1A-F8LC&dpid=58160
Request Chain 346
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=f03de5a0-48d6-4d56-ad47-651eff7d0127&expires=30
Request Chain 347
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LS4VZ6H9-1A-F8LC HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LS4VZ6H9-1A-F8LC
Request Chain 348
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LS4VZ6H9-1A-F8LC
Request Chain 349
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LS4VZ6H9-1A-F8LC&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LS4VZ6H9-1A-F8LC&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 350
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LS4VZ6H9-1A-F8LC HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LS4VZ6H9-1A-F8LC HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LS4VZ6H9-1A-F8LC&ckls=true&ci=n5Yvn0NDSO&nc=false&trid=-121876120
Request Chain 367
  • https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.8.0&coppa=0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.8.0&coppa=0&b=1&g=iujNki%2FKon7LxENUgvyZ%2FE2Ud8Z3%2BiSnduQG%2FGYXxEw%3D

365 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.btolat.com/ 		112 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65badbec7f23d1a92fa71089f249aeefbd86dcd3022d5fb126539a73622c806

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
84f3f622df514bc6-BUF
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 02 Feb 2024 16:55:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyL9gZeKTJJYv6CVvIm1lqOQG6CXXqgq4UPrWCXZ5Pn1lSCbSOxW8j9tb7Xnr4Cb6qA3zXfC5R7RA7%2BlWWW5ALgg9RXq%2FStPymHaPb3RdoMP6s%2BPDJwbGO6dqkTxzivPLOfwZn%2F5fE%2FRObaX2A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css
www.btolat.com/dist/ 		467 KB
62 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
758a849ace3f8da872dbe66c1f7fe9de5bbf161ce29e54686a0a5af46a2ac74b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 02 Feb 2024 16:55:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZV5OwWHNyk6BBCu%2B1q1Nzbe35RoV31mgl93N%2FNEAZjXkn6S%2BmoCfVXfvwpwe76ApnODa8v%2BoCmsvKdpt8GATzOjQSYEo89VkDTqMkjAF4Zig0IbP49Es4P%2F4rGpGU%2BkERibet8%2F5%2B3JthlQ2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public
cf-ray
84f3f6237f804bc6-BUF
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Feb 2025 16:55:23 GMT
site.sociallogintabs.css
www.btolat.com/assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.btolat.com/assets/css/site.sociallogintabs.css?v=2
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e91e06c06bbbb021a7a6b87c9b1e01d2fa18f16de16e30e1a8a5c8b9a2b93db

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 18 Jan 2024 10:21:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
140205
etag
W/"acdc42af849da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOBPm35wnjJYZSptaqzVDMIbmhrDhjuo3Ou6brDs4dayfW9NbZbMFc9UHWkKOPYARSghOQNDlqsgC16ygERpd02d0kPBWK2olQ1u%2BJ9UwwcHarxIXTqfrTBg73He5fQP3f4ijbQyFEEnLsT2bA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
84f3f6237f814bc6-BUF
alt-svc
h3=":443"; ma=86400
notification.css
www.btolat.com/assets/lib/social/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.btolat.com/assets/lib/social/notification.css
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84bb6777670ca188fb6a7d6298b367e96e356e00a34c9af3c8e66c1e949601b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 18 Jan 2024 10:26:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
582802
etag
W/"b8aec3c1f849da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klKyFtFOIwPSqLAjU2Yg0C5X7jwY69EQAHJjktELvt5IBztPb4Tz9i5s0aa%2Bz6ViglHP%2FLr5FjCqOUEVu5278S4rYTTovvyJz2H%2FcXx%2F3dMunUN%2FcXkE%2BAWFnXuojVPM8zJH5FBKEN75N9lJ7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
84f3f6237f824bc6-BUF
alt-svc
h3=":443"; ma=86400
site.localhost.adsCss.css
www.btolat.com/assets/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.btolat.com/assets/css/site.localhost.adsCss.css
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ztbm9vkoATjFtuD5Vv7DolYkExMj3zF0AkZv%2FFAKuBufyr%2BgveOYfCD%2BFUuX16CT2r0K2lwRCZIbQeQ0B5GzyOQxopNusk9K6Pst%2FOruytsQ8YojI5JLzvoZZjkFDRgrJS7FGIvsr00M4IOKoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=2678400
cf-ray
84f3f6237f834bc6-BUF
alt-svc
h3=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		100 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6710064945af4199af73e654a6db6c34bcd53b9420762dabb09a2382b343678b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30284
x-xss-protection
0
server
cafe
etag
937 / 19755 / m202401290101 / config-hash: 16504606021960176266
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 02 Feb 2024 16:55:23 GMT
js
www.googletagmanager.com/gtag/ 		275 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8D6S73ZBHH
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e1f09559b8040f17c7c235c8f68f715d98e9d7db0fa7892b370183f34b111554
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93738
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 02 Feb 2024 16:55:23 GMT
all.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f03f:1c:face:b00c:0:3 Düsseldorf, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
474cea7f3f466424de9bae50f66c078ea836427bf55c23973bfdd194ed125891
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 02 Feb 2024 16:55:23 GMT
content-md5
BUbuwnDpCazV3bxDsvRDYg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug
QIW/cHInz5OhrwaaBZZvQiBViMslxlVzqlcim0adRIkbvV72WfUuzkK2gW5xRpQngn5OKTCsMCeFa30gxIoEZQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
d760ab427c470779013c5a42439953e8
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"beba0502ab03849e2a40bee39ec61a66"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 02 Feb 2024 17:11:33 GMT
e33a2420443e20bfa49b78c813eaacc658f872b9.js
cdn.izooto.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/e33a2420443e20bfa49b78c813eaacc658f872b9.js?v=2
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ef546db08af45181e73c6a623bd2f6d4eca7958e8f4db46e887bfa2ba74f28f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sat, 30 Sep 2023 19:23:18 GMT
server
cloudflare
age
789001
etag
W/"651875a6-65b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1382400
cf-ray
84f3f6242cff4bc9-BUF
x-xss-protection
1; mode=block
expires
Sun, 18 Feb 2024 16:55:23 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f03f:1c:face:b00c:0:3 Düsseldorf, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eb92a0b611a67f6017cbe3e9541b673c165939913a07b0801ae9362926b64e08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.btolat.com/
Origin
https://www.btolat.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 02 Feb 2024 16:55:23 GMT
content-md5
DP8z8Wd7Z0p+Vm8G78oe9w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug
hnUHendc0L3/sE/blFMpfMYB+m+4JL2fnjWnaAYQbyNyarll/x6IbPB5fiLG09cEmedVdFYz4gc0AJFze0tLPg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
0c4d849ef758c8f19316f126799c3289
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"bd0d08550caaad608d959ca9632f2982"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Fri, 02 Feb 2024 17:12:20 GMT
jquery-3.3.1.slim.min.js
www.btolat.com/assets/lib/jquery/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.btolat.com/assets/lib/jquery/jquery-3.3.1.slim.min.js
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 05 Sep 2023 09:12:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
585982
etag
W/"a16c37ed9dfd91:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsCvTOmhYgEdn4%2Fqsps6n2mcL3T3zxmedUYePW6o%2Fa4YHTI0XrNNGO%2FnCO5Zh3xsSNz3l0i1Tdwu1hRPNHwPxM8TEHPc13snmQoenMotYc9FG6%2FvCqJBD5IlLvSiBccXC3UZn0r%2B%2BWd4BTMmjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
84f3f6239f8b4bc6-BUF
alt-svc
h3=":443"; ma=86400
jquery_3.5.1_jquery.min.js
www.btolat.com/assets/lib/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.btolat.com/assets/lib/jquery/jquery_3.5.1_jquery.min.js
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 05 Sep 2023 09:12:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
140205
etag
W/"3a3af5fd9dfd91:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOm8bsu%2F9D1tIWXcB1N1NBdwKx%2BOoQttvGzd%2BN1U3B3JDldG0Fjw1OahaydsN2zTEaKA%2FZTH74EvepzHh9M2FhgdW62QszsDD%2F1JKnG0HWDqU0ouDEvWYnr8izbmLGBjnC1Oy6FOeJzBiI8k4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
84f3f6239f8c4bc6-BUF
alt-svc
h3=":443"; ma=86400
btolat.com.js
pahtuo.tech/c/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pahtuo.tech/c/btolat.com.js
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5277 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a29e3a217c41e7f7c4dc7c1c7db1a8ef16295c610d943b82c422b1a735897fb8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:24 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
42JRMJTG9DKM3WMC
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
3550
x-amz-id-2
eQIOAO+zQEJsxxOqlGIFcgjY/g3D5qgAAWfrgQgpbd8yw2j9OkDA04HwA2gYgO5qfsVmxRDpu6c=
last-modified
Tue, 23 Jan 2024 07:38:16 GMT
server
cloudflare
etag
"23c37375c0c7ff3ce6c68278389ae6cb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WYlPw5aSjOt8z%2FDyvkpYwJspoKAEtGEarNgOwCWTOlA3RYGhAUrx6QpuPxR2HDYaa0r0p9y1L4iPr%2FWRQEdz2vgmLJ5rTs2uhaKBI098YYMIwCbitNn9kmMw2XpqeJvbLPEpi0pj24BAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84f3f6267ce24bc7-BUF
logo.png
static.btolat.com/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.btolat.com/images/logo.png
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e52ec989a1ef0744bacaa597935b7c107d84669815441823f52aae026af38fdf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1301258
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
19064
last-modified
Sun, 06 Sep 2020 15:29:52 GMT
server
cloudflare
etag
"1f448d906284d61:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gZ9uZTERsIkajvlJ8tz1Hx8BKFJ7HRIlRQmkrYyP99MF%2FZA59iHYdV%2Fxx3tAPEACYAU2bC0E3l1MWPhyRnY%2BOVVrKitMLNqrEeqrFq3ot2t1tcEkV%2FGd9%2Bja1Wm8vgTGJaPp%2FaMbEAQI79motIsAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
84f3f623cf9a4bc6-BUF
preload.gif
static.btolat.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.btolat.com/images/preload.gif
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f1f0630d276906acb1f05d62ef73e563bb0eabbdbe54e453884c1673c9e4af45

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1227848
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
2343
last-modified
Sun, 06 Sep 2020 15:29:52 GMT
server
cloudflare
etag
"dc4894906284d61:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfd01pevadchJfjMHxETbgfm4uGiHPdHOTJ9B9IQzaWNWHZ3TeQWiC5wTQJumg3fEi%2FbQIpJJ2fSdATHUPiJghzyMlDIEeAhagQnNbOtH1deuoL6UGTRb%2Bap7EI2BIIK7DxTl7U7U%2B4EUOb0hETsaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
84f3f623cf994bc6-BUF
8878.png
img.btolat.com/teamslogo/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/teamslogo/8878.png?v=682
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3addac1f8a8aafd8db0c71e77ae8fe1e029c4a6c2ceda391b26236500d5507d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
15366
last-modified
Thu, 18 Jan 2024 00:22:13 GMT
server
cloudflare
etag
"6f437f62a449da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTH5XCud7T0g5%2Blwq9CP9e2HKWRQeja0XQU5vpMb8PwGFzHzUFuodk8XE9JfjrLF0fEbKC%2Bh%2FqhxFx8ida06%2BQcAs51oMZpoCFulXDRauPvCiZAn5uwxEsXFr2vGAgUTVy4BmynY3NMhhTKI6A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f62608c34bc6-BUF
8883.png
img.btolat.com/teamslogo/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/teamslogo/8883.png?v=120
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c07c689ee7cee412664dbdf0a74f744c97afdc56a7233719651f000d927bd96e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
26926
last-modified
Thu, 28 Dec 2023 00:39:13 GMT
server
cloudflare
etag
"f6d74472639da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7WEmsqec4%2FW2UZuvF7tw%2F6qQRNlcRPadLhShj4bHk0%2FVFV60WGrY9iI%2F6U4J65vjWEZnT%2FZ%2FIaPZcJyi1404IYDQC0gpuA0nzYAjqcVQ0%2BmBWBvIsZxL5kGvP4a9QvjPOlI%2FfyAwkNGvWP0Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f62608c94bc6-BUF
8959.png
img.btolat.com/teamslogo/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/teamslogo/8959.png?v=14
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7eb3e827edb98d53070f7e82665b5a13fd7b5293d4c8c22653571836c4a3867

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
23960
last-modified
Wed, 20 Dec 2023 02:29:58 GMT
server
cloudflare
etag
"ced2d06cec32da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yq%2FIKFHWzrk3OvYsg4UOi0JVIce69312qLBIj2RrpBrvfhSUVE2wzQMRq8uzr%2B5Sl9FYDBEbOEqnfF%2Fc2H%2BzQWNGhA0dYSS1zcIH5tdL9e98NpgjU566Atj8iZLfWZ%2F57ge787vfMt8s0M7VwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f62608c74bc6-BUF
9249.png
img.btolat.com/teamslogo/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/teamslogo/9249.png?v=727
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aeaec26604150644eb721e54cb1c089e1369b825e6d2dee9f1d84d58cdbe586

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
29866
last-modified
Wed, 31 Jan 2024 00:04:04 GMT
server
cloudflare
etag
"b5bacc0d953da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdexkKvUHGjsFS%2Bt2u4HzhuAho3GzuhQjY%2Bo7XJYkwbg7qiQVsXdCPWDmw3AbZwLY5r92DLPpKDi12d4lTzkP7M5j1pO6FSr%2FgU5FSbgMVLzlIPSMhnmHL14y3NkrisHTpBcF%2BLQpMy2qEVr8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f62608c84bc6-BUF
15702.png
img.btolat.com/teamslogo/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/teamslogo/15702.png?v=340
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b578f923c6d2826feabac2442d3e73f201f56f8d3d22235e42c0ea8dbdb96a77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
10217
last-modified
Wed, 31 Jan 2024 00:15:17 GMT
server
cloudflare
etag
"a347b591da53da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rX%2FanS4pq5xLomJbT6w6mnxxkK3QKAFNmEQwPsyhDsN9ZwPGmucrHUiiswngHf4rbWdC2wnkRP7CTQT5xE1MKCDHnHGdGTQZwzDAFxGxt5T%2FfNRa6Ct4Pm4cLMyk97TNVius4Y5BPa9JNB26hg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f62608c54bc6-BUF
16110.png
img.btolat.com/teamslogo/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/teamslogo/16110.png?v=384
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b81180d6821e8e0b339b3d679f77ea235b66a9d24d3dd2e845b66d9fd5e937c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
15988
last-modified
Thu, 01 Feb 2024 00:10:04 GMT
server
cloudflare
etag
"fcaf951a354da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ar5I2QCcMD7pAtVkMYN0z3RtrvXN4InGmjAYJgX8gBdKDsdpgz3zltiXOWlr9yTbrVQt2TAOC2Xoakbhm0uvzvgqTwNfKfVWylOrALeoWT6F5ud2pnODPQB%2FH9d%2B5PURNDwOMqlTcCLjQ0ozeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f62608c64bc6-BUF
9259.png
img.btolat.com/teamslogo/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/teamslogo/9259.png?v=127
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec396661c156428b535bc07b917cdc290218b7226ccafeb6c971c714cbfaec0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
15129
last-modified
Wed, 31 Jan 2024 00:08:18 GMT
server
cloudflare
etag
"7188d697d953da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmMe7ZEya0ZHtgLU8TUiDcLO1tSidgte6PYgLtk2Vi2S2JBcL66Wax8vxDghrd3dXIAGxzOfOQWF7SH3nzLLsjLfPle2Oq7iqon0z3iHEnwNg3E8WyRu6rL%2BjR6eDmMOBF%2FgiLeZCNaeI1hz9w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f62638d84bc6-BUF
9002.png
img.btolat.com/teamslogo/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/teamslogo/9002.png?v=429
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54ece55bf509d7ea07fb4a78c2d1273d5267fee86cefc14b78e495e8ce12f3eb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
15314
last-modified
Tue, 30 Jan 2024 00:13:03 GMT
server
cloudflare
etag
"19607a171153da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9j5v4slPE9ScaQhd1fTPmkKEqDJzPUrugg99ChtuWmBjeioM1uIzGc7F1JEgi1EL5676Le60JkZ%2BzIAj2uNkabqoSu0ty2%2BKhb7TWvK4QzO4E%2BnDQylF%2Bm9WOtk6QgWrcbqbGhgmMdCnYMiBWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f62638d94bc6-BUF
10061.png
img.btolat.com/teamslogo/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/teamslogo/10061.png?v=747
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd40c1c311037a6e5c8bf7e1b43b412a14f2a7806e5d340125ea46802852ff73

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
32119
last-modified
Fri, 02 Feb 2024 00:06:34 GMT
server
cloudflare
etag
"996ebaf6b55da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOUFmFn9iRzNCu1Ca6pFa2hDJVmUW8idj%2FAbD1TxXni9vTjKXlCGWzhqWyBwX3KvdTgTCd2YOXreYlV5OhSJ6%2BvMGI9mTu0fyl0kNegCsp33STvjodhdfuy29J28WS%2Fv7QcbtIUxWShV2J44HA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f62638db4bc6-BUF
10285.png
img.btolat.com/teamslogo/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/teamslogo/10285.png?v=790
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4a57972a6fb41be74088626646b9c1c02b8be5cb2142f4fdda77a3693ca96f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
17958
last-modified
Wed, 24 Jan 2024 00:42:17 GMT
server
cloudflare
etag
"a01eae2e5e4eda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YT9dJQ3yEH2Y9wtYPRzol%2B5VN5EGnkUtX%2F8sozCnUhsPz%2FYcroSRwaSKv2ToW9YU9A%2BtNlWsBjBEehBGyJZzkedQUFVdpfguo8pZ6b7nMuLgrV0MXKkMiFuYQziU7AWnFB%2FEBmduvSYzcIF3A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f62638da4bc6-BUF
11922.png
img.btolat.com/teamslogo/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/teamslogo/11922.png?v=84
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
284e5a3018a69056c0a110ba83169175824f7b677a342d006b463ba29237a8ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
7425
last-modified
Sun, 21 Jan 2024 00:55:28 GMT
server
cloudflare
etag
"a0327e8644cda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNwrnSC%2FHjIV%2FXvCcfynq16sVGEGi8WmwIN4SZMv1JYLhJOgeAY2%2ByetXSh3KCgkzM8YWcqMkh1T8m8f431n3gYw0zRS2vD7z9%2F4bhLoW1EOw%2Foid6GAhmFqaldYIaXDpFHXsxbXd5wBVdBH3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f62638dc4bc6-BUF
8930.png
img.btolat.com/teamslogo/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/teamslogo/8930.png?v=394
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1195fdef981796930b67be17e052c2c7541131a55717fb1228cb029ce8ddfc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
42328
last-modified
Tue, 28 Nov 2023 00:37:24 GMT
server
cloudflare
etag
"806f54e9321da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3jWmjoMKWTuRiAGKDxr5eTBqBGYy4nBlk0tmBcy6fvnQYzGEO7iQLQRrYsxv%2F5BzgFUoTTh0eUCve8rsPUpILJvmGob6zLb6dJk2pDcvANcZEwDawfCgs29AeNgGOENI9viEqzdlfU4ZH2CEA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f62638d54bc6-BUF
23165.png
img.btolat.com/teamslogo/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/teamslogo/23165.png?v=204
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3207350ac2167aaed31db10ac9fc379890bcdd4bcbc1528e0e96ece7a03615e6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
23345
last-modified
Fri, 26 Jan 2024 00:23:00 GMT
server
cloudflare
etag
"298b85d1ed4fda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0Xs3TFIiJy0t7b47uZ3ZUrCnDHQYF4XBg9bSb2LRF4D%2B%2Ba9v7KlXdCvoht%2FtajHRwzieq007kE4C%2FNd9EFyBP8knyPBv%2FeGrQcOapuC%2FLY5pgxQb3KvfGCnSpM7rE2iO6niSP2tQBWvPtXjlA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f62638d74bc6-BUF
play-arrow.png
static.btolat.com/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.btolat.com/images/play-arrow.png
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9b8fbe907b42a439b29348b6b808725467728ba8df78726254369df21cd276ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
248451
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
16143
last-modified
Sun, 06 Sep 2020 15:29:52 GMT
server
cloudflare
etag
"73893906284d61:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTlTgv2xODOuC0XaKb3%2BzcBRp%2Bu8xQiiCatkrtAIII2XWn7h3B7%2F61W9KWMY1hIyQPEEtZ%2F6fGv5n%2BC7kfFv62oMM8no36XgKIyGmAZusNTeDPWyQk9ZK9%2F3nIybPB033WLKPgKJ2rYBmFAepqQ2bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
84f3f625eef84bcd-BUF
7aa60c80-8e67-4dd4-bf10-b67bb57443d8.png
img.btolat.com/tourlogo/ 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/tourlogo/7aa60c80-8e67-4dd4-bf10-b67bb57443d8.png
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f478e0982569b51b6cf2a2596a4509e9e473ab3fd0bc5b149dc69d73fd01326

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6312
alt-svc
h3=":443"; ma=86400
content-length
121312
last-modified
Sat, 08 Jan 2022 21:29:13 GMT
server
cloudflare
etag
"19b858c8d64d81:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FGz8ePIO%2Bo5OVW7XK%2F1bHKydxc5Nb4bdk03W7CnZUz7%2Bjc1khdRq0O4LAJljVIBhKfpDQus9FqemoXy8RByMzduzzn4cqfdohSWjA6PWLxZvA%2F4%2B2kfxnp7hBKWde%2FEP6SwDcYNayzau080wg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6266f5f4bcd-BUF
49fee316-50f3-4228-80a5-728188802336.png
img.btolat.com/tourlogo/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/tourlogo/49fee316-50f3-4228-80a5-728188802336.png
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbd7cad8837207f238d026b3845e11853660fa5b179a6c96b55d0821ab5fb741

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
33106
last-modified
Tue, 18 Oct 2016 12:16:29 GMT
server
cloudflare
etag
"1b8ea0743929d21:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkY5H0i7Krt4pOBcdXKBnaiTEUbKRX50FT200W%2F7ASn2KNhvmIjvHj8DujTYWK3d41%2BhPZhoDKQRgulaDK9zbmPSfS9j7R8%2BroRT00TRdW89WLzQ225UkWDFpvkst47OFpjkhicq%2Fbo8jSc6Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6266f604bcd-BUF
84aa6db5-64e9-439b-a595-2040420fa1e2.png
img.btolat.com/tourlogo/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/tourlogo/84aa6db5-64e9-439b-a595-2040420fa1e2.png
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1078d66bc3cd244ab4bc95bfa443adece79dd54de00d92c1bf5408b4536635c5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
30529
last-modified
Tue, 18 Oct 2016 11:42:01 GMT
server
cloudflare
etag
"62328a43429d21:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRHudvPuTJ2VjOloEhNlvdw7nLcUE0ncWU2CYm%2FSuHoeFg3jeaAp%2Fnr0F697gJxY7te7K5WR7p%2BfAuCoflTreRuZCjoM8gT4Hr5xogWoq7AyhyHz%2FCpDqTgO3%2FlQl8G50H8%2Ffek4icjGkraMlA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6266f614bcd-BUF
fbe24ce8-0123-4de1-936c-bccd9516e16e.png
img.btolat.com/tourlogo/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/tourlogo/fbe24ce8-0123-4de1-936c-bccd9516e16e.png
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8befb2da354d7f317a1d148773743125635d00d5488bae27835566fb4cb253f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
54688
last-modified
Tue, 18 Oct 2016 13:17:48 GMT
server
cloudflare
etag
"50198754229d21:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QuVFFIMwR%2FSn40DgYCG7T%2B78v5fZZkx5X1wpm8iKHEGgAVak7gmh7MdKhtcCF5qFp8BPiFLEc9lTyNg3TiX8sULUHK1QxUoK5S5BHR2ohdOlcPxqzlJzrLh7ucPGPLXT4pci1gctPW%2Bq1Dk96g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6266f624bcd-BUF
32eab27b-e23c-4d16-ad92-605a1d6ab55d.png
img.btolat.com/tourlogo/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/tourlogo/32eab27b-e23c-4d16-ad92-605a1d6ab55d.png
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc719b2398bf4180d048904f5c37006183bac05f2d152df0795aab4ced853b7d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
42947
alt-svc
h3=":443"; ma=86400
content-length
27035
last-modified
Tue, 18 Oct 2016 11:48:32 GMT
server
cloudflare
etag
"eb8a418d3529d21:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIubYa8xdC17JYxBbh49gv1cB0kiPqIz27aWVub7Dpib9EQZWvtQMMPLBtM0hPD5VxIsCeCTrK7L5CChUzPLLHfZxvQC%2ByHKLWmI5f7sguMExhE0WZb%2BJUPAQLbf0GgMdOpdMnszvG5qBWyleA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6266f634bcd-BUF
ed687795-f506-4c5f-a66e-a9520d80c697.png
img.btolat.com/tourlogo/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/tourlogo/ed687795-f506-4c5f-a66e-a9520d80c697.png
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce462ca9cead618103382778ab4de741afec15d84d4a5bbc2f51276a2cafe5cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
50523
last-modified
Tue, 18 Oct 2016 12:04:01 GMT
server
cloudflare
etag
"5c57fbb63729d21:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYn1Ewh1EbFBOK6BFEKQ34QKs0EoLjDXFWK%2FqUpHmwU6qZVbfIZU1oZrF3AAGz3t%2BUHOJPW6dvQ7ay40G29oxJJ8xt8iz2eX39PpcNgbdWGDfCrSTmzG%2FpZDNvsHACpI4BJde4rPMJjdnGUYPw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6266f644bcd-BUF
f042a93b-625f-498f-bc1d-bf6b68c84fd5.png
img.btolat.com/tourlogo/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/tourlogo/f042a93b-625f-498f-bc1d-bf6b68c84fd5.png
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3123c0416aac4344d7de8e6921ef7c094989473880893f50ae5cb9e74c63c612

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
55605
last-modified
Tue, 18 Oct 2016 12:26:31 GMT
server
cloudflare
etag
"24666fdb3a29d21:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2dJBUP23PhcKAi16FcaIR%2FaDV2ONbMbiXajRkneRgQCFQsLPTUdK2JXnhD5XZ4aD1F%2BDi68uZzE%2BYdWIFarLJYdaoEGQu8wDYNTd7ZdPT3N51rdsgZSXe%2FgwQo0dVYrUEZsXeWsgvXaOoK8aw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6266f654bcd-BUF
db09da19-aa10-4e8b-a12b-e97cca2a255b.png
img.btolat.com/tourlogo/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/tourlogo/db09da19-aa10-4e8b-a12b-e97cca2a255b.png
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4588606b9e1bc0f5fc5166c9c48a1ed9ef188c0fcbe16a7ef3e5c9dcd6e996e8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
33557
last-modified
Tue, 18 Oct 2016 12:01:47 GMT
server
cloudflare
etag
"512722673729d21:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0jEnwF6p5dB5s7%2FN8Vh5ubF4OzUuLzQmia8UoQ0oR8SsqUEKXMH1ZqcmOVwWKofT0sSFEpfCM1gPy5iepO1RGbyZxFp9t5y4hT4b5PhfcHVUOmeD5pQ1wdSwfA%2Buh0YCPnfc5rV3CspL%2FX26A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6266f674bcd-BUF
a0ee0c6d-dbb1-4928-bea3-9c3077a3c414.png
img.btolat.com/tourlogo/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/tourlogo/a0ee0c6d-dbb1-4928-bea3-9c3077a3c414.png
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f6bddf865d5b90bdeb56c1e4316f8be0d5c7fbe8f096554c910984e73a21efc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
33803
last-modified
Tue, 18 Oct 2016 11:53:49 GMT
server
cloudflare
etag
"c1eb134a3629d21:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5z4cP3%2BMJDfh6ekIO8xpyCfqPHBMw6BQafLXk7k4UfNj9%2FDQaWcyRIb%2B%2F8i5QNP1cFntm%2B2CM5chbjVNQnrpDMcYc%2BNfm3fWiv0zFKXwf1b545l90jFYzrjVZQ7%2BY28X6a8Gm8jAQlz1szv4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6266f694bcd-BUF
logo-cv.png
static.btolat.com/images/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.btolat.com/images/logo-cv.png
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ff086d4f685c26a98ce7977c05c2d6be61d6a976a1af24f21d8a81820af6d67f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1299663
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
16543
last-modified
Sun, 06 Sep 2020 15:29:52 GMT
server
cloudflare
etag
"e5cd8c906284d61:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfTNoxBgguKAafTF0%2FBFN9YhshR%2Bm%2BGtQqAI24SPX8552nBzLwYVF%2BeCG1S8cM6nMzie8CbHAo6OPt2PgI1m9jmq3Rgdgjm8Pl3Re%2FZzYoZC8Kuzr5Zo2ONuVYxpl1%2Fs%2Fl%2FxlW1JK7cC8IA6ZykeLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
84f3f625eefa4bcd-BUF
popper.min.js
www.btolat.com/assets/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.btolat.com/assets/js/popper.min.js
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
587c080125b135d29a931ed371e50ffc1a9641831c1087de2cd74532815f4560

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 06 Sep 2020 15:29:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
582800
etag
W/"52f4bd906284d61:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRCJDn3TMKvDAiutWmSB1PRI9GwxzVgTdfpHUACFZw0eDgNnvozXbOpbWKDo9cTSMeUZGL4LJbYGUvSvAlTtNUhpQroQAH0RngU3ICHx8bCR9%2FnqrFsWWuQ3qj44ewnyMxY2LChJfXDRazaBZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
84f3f6240dbf4bcd-BUF
alt-svc
h3=":443"; ma=86400
bootstrap.min.js
www.btolat.com/assets/js/ 		54 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.btolat.com/assets/js/bootstrap.min.js
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 06 Sep 2020 15:29:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
585981
etag
W/"d43a4906284d61:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iOtQMG4NI01IrCI4wLKobdFi555l9zsWaEz2ehFD%2FiisRM%2BtuoQO045%2F3vwj1y1z6RyVGg5BN%2BbJhJ%2FfjU%2FYNIStVEiXAdXrDRLV3Io5CosaE%2FSsGTigE2yfFMLCWRTfK0T8DRPMKU1ui12LTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
84f3f6241dca4bcd-BUF
alt-svc
h3=":443"; ma=86400
jquery.lazy.min.js
www.btolat.com/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.btolat.com/assets/js/jquery.lazy.min.js
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c18d5bc93845dc3a04c0262d9afa91dfe91212635381a94702c7ea30f412f9e5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 06 Sep 2020 15:29:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
582800
etag
W/"ebe4a8906284d61:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1L6E4v8p2PFehR84IkRspEDOKmZRRxDrw6gHZ%2BxPbljLauzFXgUbRGxwMBvfkGLiiiCpNpD8kPKI2x4Xmvlaw2O1TnR3XP1W%2FquHb010VMR5C8iPfySwGFYvHOzUeJbyt2Nd3w13yB1%2B%2BsC7Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
84f3f6244dec4bcd-BUF
alt-svc
h3=":443"; ma=86400
owl.carousel.min.js
www.btolat.com/assets/js/ 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.btolat.com/assets/js/owl.carousel.min.js
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cf3905f34060d87775e6010bfcda5aeed37becceb1d7229196ea8e8501a7c0a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 06 Sep 2020 15:29:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
582800
etag
W/"ca4bba906284d61:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6iiCeNH1QQtzew6%2Fj6euLdk1ji6EK8NB7pPI7%2FGkgv5ojj98SFZ2vkA04eGSU8L3bx94ohXu5g3qYRsrOIst4voFVJTy1I%2BElkE8%2BbNkHBtz9szMbsVTkmRta1wsw88ofamcKTldihKk%2B2NgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
84f3f6247e034bcd-BUF
alt-svc
h3=":443"; ma=86400
notification.js
www.btolat.com/assets/lib/social/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.btolat.com/assets/lib/social/notification.js?v=2
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b38a128b788add8d752869a015b0af2811a42bd192c575b972fdca350db821d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 18 Jan 2024 10:26:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
140205
etag
W/"5da9bfc8f849da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDl9OlqMwzjwrBzPfEGEQS5GwBbdyj30bL7sytUkqqOKigDFUk4ee3e%2B1YPk4Ulg7O8KfRNze5a%2Bwn5crZBYVgdsr815vA5qfxzAGyFGUeGAgF2iN6PirAXP5TVaXFOp2eDftBSTl0BdpeLsdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
84f3f6248e074bcd-BUF
alt-svc
h3=":443"; ma=86400
main.js
www.btolat.com/assets/js/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.btolat.com/assets/js/main.js?v=2
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c768a151beeba737f6bdcafecf755cacdcedc0addb237da840766f826567deb1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 07:16:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
582799
etag
W/"dcc84dfe9443da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M15Yo2%2BWslsuZHUyx5MiO3Lfn9CgL66LnXVgVry1gtETTM8uQz%2F1IbrbgkngU%2BHOy6F4uOc47xm72TFrx4GGM2E3u2QZPg%2Fz8kDfb0cXWPcIEHDULQU2bZL9D0zYFa6a2GMaxvhx8OMt5JlTBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
84f3f624be374bcd-BUF
alt-svc
h3=":443"; ma=86400
all.js
connect.facebook.net/en_US/ 		305 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=770e98f06eebec55f454c7030d5fe69d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f03f:1c:face:b00c:0:3 Düsseldorf, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e6304cbc6414b8f0e4ac98cbed84e091de6b35be714ac116895d8a64eb66171
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.btolat.com/
Origin
https://www.btolat.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 02 Feb 2024 16:55:23 GMT
content-md5
9Xvj0xJCexHu4blnT26pjQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87950
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug
STaqjC2JLWrKo7JrAO0VuqcH9MS5FcCs6fRvRQK+86D0ARm0fSc6Hc9+xzw0sV4EcFR297julKJGYGNQLkL2PA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
c3b1e7b7e234f0aa0f29b3094fb42dbf
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"93b1a36d2e12d259f67d69df155d5745"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Feb 2025 15:28:36 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f03f:1c:face:b00c:0:3 Düsseldorf, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eb92a0b611a67f6017cbe3e9541b673c165939913a07b0801ae9362926b64e08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 02 Feb 2024 16:55:23 GMT
content-md5
DP8z8Wd7Z0p+Vm8G78oe9w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug
hnUHendc0L3/sE/blFMpfMYB+m+4JL2fnjWnaAYQbyNyarll/x6IbPB5fiLG09cEmedVdFYz4gc0AJFze0tLPg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
0c4d849ef758c8f19316f126799c3289
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"bd0d08550caaad608d959ca9632f2982"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 02 Feb 2024 17:12:20 GMT
fbds.js
connect.facebook.net/en_US/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f03f:1c:face:b00c:0:3 Düsseldorf, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2c4ff85d4acb13ae166c4eca2d71cef262ef6a06c3aa75dce78d66f56a7040eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 02 Feb 2024 16:55:23 GMT
content-md5
K81Te0OTGjMQJUUAxGbSLg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2165
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug
IdkEX46q9gChFvz4ZmVB+SxFACg/1KAVV0J0t02zSpwp/FcyRKNLjKWGeNMCLdiBbLJsoBpIARACHx8GNTLH6A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
4ea66dab9691f29e273d314d72210da3
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"6cbd8490551ca24b9409266145ed61ce"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 02 Feb 2024 17:06:46 GMT
izooto.js
cdn.izooto.com/scripts/sdk/ 		324 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sdk/izooto.js
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/e33a2420443e20bfa49b78c813eaacc658f872b9.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
663a877bbee16a7a3d457d63b6ce5bb8c567942e558742c3a116687897460cec
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 22 Jan 2024 10:11:20 GMT
server
cloudflare
age
974601
etag
W/"65ae3f48-51169"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1382400
cf-ray
84f3f625edc84bc9-BUF
x-xss-protection
1; mode=block
expires
Sun, 18 Feb 2024 16:55:23 GMT
cn.js
btolat-com.cognativex.com/cognativex/ 		0
0
GetList
www.btolat.com/HomePageMatchesBox/ 		9 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.btolat.com/HomePageMatchesBox/GetList
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/assets/lib/jquery/jquery_3.5.1_jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e54a626a26b060dc463c98d3d747faa7172b131cd69f01275edaab4763dad146

Request headers

Accept
*/*
Referer
https://www.btolat.com/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPanyf1wBCObst86D1VUzyaaXsc7LKFSuIpjjjlck48pSuyn30XY7%2FQxr%2Bjz5dtJAyUob5jT91cyMxIXBbUr9GQTsSc%2FCOtmZZWwsgTA6m0tx9d4dxBp3Wcqs75zkKhKzMDTHlaYm%2FuzG8TmQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
private
cf-ray
84f3f625eefb4bcd-BUF
alt-svc
h3=":443"; ma=86400
loading.gif
static.btolat.com/images/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.btolat.com/images/loading.gif
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8fe25e08fd7edd50bc59273ccf05a9909fc1124e942effeb467fb397339db22e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
last-modified
Mon, 07 Sep 2020 15:23:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8826e7de2a85d61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55AcTMGLXMv9scLzWEGYR4aaRaJW3yjpZo%2Fvmx8k%2BM7rjyaKHUrOhEniVtcUgJKP%2Ba3j2ghpUIUOlwQgqOq6tDUiGKRSnKlhgc3MBTvEoNX0SDltxhtncSy8n4umVsiBDSgWfcYrzBAIFvOolUoOKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
84f3f625eefc4bcd-BUF
alt-svc
h3=":443"; ma=86400
content-length
88480
fontawesome-webfont.woff2
www.btolat.com/assets/fonts/FontAwesome/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.btolat.com/assets/fonts/FontAwesome/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer
https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Origin
https://www.btolat.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
HIT
last-modified
Tue, 28 May 2019 14:38:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
140205
etag
"5e76f0ff6215d51:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAE5Pv1En2BPX4uE7IB%2Fgstkvq3aqbGtTVV2CJhhZOnQeJtfx0U0th52wfnl%2F5MtYVVgw4tnmWVsFeZD12ik4c5Kjv%2F%2BEA5Z1cPGV%2Bl9qLiH%2BgYdMwyoPA0iAeZmMss8%2F9XjGU06KLU4DdoAbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
84f3f625ff0b4bcd-BUF
alt-svc
h3=":443"; ma=86400
content-length
66624
SLXGc1nY6HkvalIkTpu0xg.woff2
www.btolat.com/assets/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.btolat.com/assets/fonts/SLXGc1nY6HkvalIkTpu0xg.woff2
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf23098d0dceb8591e215a9ad2fa5a9c515b7c8e6877c1d0d3ec49b3d81231ae

Request headers

Referer
https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Origin
https://www.btolat.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
HIT
last-modified
Sun, 06 Sep 2020 15:29:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
582792
etag
"ed6369906284d61:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SkXloikD6JmMDDBfPA8s1CXuqUgFJbgVHpwueIvSRgVCb12Ulh%2F%2BydPu39liQSXxoLNlxBWKYPgLg3HG4OCE%2BvBOeD2cBJbjw3%2FR1UsufqIyv%2B8Prg0%2Blz1fiiZsdOsRJpLdBTcAmFAKrldJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
84f3f625ff0c4bcd-BUF
alt-svc
h3=":443"; ma=86400
content-length
18044
SLXGc1nY6HkvalIhTps.woff2
www.btolat.com/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.btolat.com/assets/fonts/SLXGc1nY6HkvalIhTps.woff2
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cb3d6eb9c192f0339126dc9290c8cdc286512f79318d9a6e5033b2ebb93e8cd

Request headers

Referer
https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Origin
https://www.btolat.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
HIT
last-modified
Sun, 06 Sep 2020 15:29:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
582796
etag
"8c968906284d61:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6uquswXdVCbW4P12bgptugNE1KTMpiIoYLjglbd%2F2m%2B1KHjqp0MNtbo8PSv7c78WosOxt2hfuvXJjTNOq1UzcQZlz5hWQuQojY7ReHQWfk343b7WT5E9GrOPVjDh8NAIAwEJrQT4XjGfHx38A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
84f3f625ff0d4bcd-BUF
alt-svc
h3=":443"; ma=86400
content-length
20772
SLXLc1nY6Hkvalr-ao6O59ZMaA.woff2
www.btolat.com/assets/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.btolat.com/assets/fonts/SLXLc1nY6Hkvalr-ao6O59ZMaA.woff2
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d8552f58c3962ffc54bed6f9a348c2b91b8d5fed219411a49cffa67baa5bbee

Request headers

Referer
https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Origin
https://www.btolat.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
HIT
last-modified
Sun, 06 Sep 2020 15:29:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
140205
etag
"164470906284d61:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSLj9dPeB21Jg2Af8BvGMAstOq82nHcPRFLQ8rOKDIEvEGTY9PHnl46vffIWCm%2Fs1Ib8x%2FeAo%2F38weAzc3b%2FIQm3OqGTgjMnoEJ00HOVLwqbOJH%2FTS4jiphtQGxOAbU%2FPv%2BhxbMtgCnGnlG2cA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
84f3f625ff0e4bcd-BUF
alt-svc
h3=":443"; ma=86400
content-length
19124
SLXLc1nY6Hkvalr-ao6L59Y.woff2
www.btolat.com/assets/fonts/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.btolat.com/assets/fonts/SLXLc1nY6Hkvalr-ao6L59Y.woff2
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c66f4aca2010db9ea45505b5f0ff0a67dfc576ceb36377901474e2aa8e5c34f

Request headers

Referer
https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Origin
https://www.btolat.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
HIT
last-modified
Sun, 06 Sep 2020 15:29:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
582794
etag
"8dce6f906284d61:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ybph5%2BkdXWuxuBIYypYMxQTpSa0Y04%2F5vCtohEwX3pAs0o6VkL%2Fy6QT4jschcO0rMyvlwrMoBrUUxUAoEO5ca8PAkbPHZOcJoWx500NapE1AfVWrRGMUDKnRPRk8iWyPEaj1CYCH7x8szM64cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
84f3f625ff0f4bcd-BUF
alt-svc
h3=":443"; ma=86400
content-length
21440
SLXLc1nY6Hkvalqaa46O59ZMaA.woff2
www.btolat.com/assets/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.btolat.com/assets/fonts/SLXLc1nY6Hkvalqaa46O59ZMaA.woff2
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53bb09934363bf519fad500cb24f9acc2b45a1b5169d6478ceb64c740b2cecc1

Request headers

Referer
https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Origin
https://www.btolat.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
HIT
last-modified
Sun, 06 Sep 2020 15:29:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
582794
etag
"4daf6b906284d61:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSgvbUTmzFR%2B6JHyL7gQj8tCDQA9zGPzKC4o2vwAwagglK%2FOyA4KcM52tCu6oOhpFgDUhplxEwC938Vs3YCgdnPOSz3SQzep6CnaKVaXW8pChmxXTrF8n1WSiGpMy20fzErFRjo8kybpkVkIrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
84f3f625ff104bcd-BUF
alt-svc
h3=":443"; ma=86400
content-length
18844
truncated
/ 		866 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af6e31eb51393c67a65b952cc73449bfb19f60270cdba7c77a00f79243695405

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/svg+xml
SLXLc1nY6Hkvalqaa46L59Y.woff2
www.btolat.com/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.btolat.com/assets/fonts/SLXLc1nY6Hkvalqaa46L59Y.woff2
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aba1085fe27cf78f0c318ed85f70354c5e387b40376ec90cbfb529040c4aa4f

Request headers

Referer
https://www.btolat.com/dist/css?v=a-dP7uXMDNp_Yu7aJQou_zsEE4xICX8wPH09SHTbqJA1
Origin
https://www.btolat.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
HIT
last-modified
Sun, 06 Sep 2020 15:29:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
582794
etag
"14ec6a906284d61:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxMdZtfX1TGddptfO8YJwDBViP1xW43B8goxl8LJYddl%2BtKmA%2FSxMqFUI1nd2fsPqTNot%2BqmNSSwWQZTMXwQuJhq%2B4UaRNGI7BfOi4HXO7l0jFC0hRgO6SFHTRL%2BKOTbaJ6drBSlPOYf9S4hKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
84f3f6264f394bcd-BUF
alt-svc
h3=":443"; ma=86400
content-length
20564
ConfigUTC
www.btolat.com/Home/ 		9 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.btolat.com/Home/ConfigUTC
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/assets/lib/jquery/jquery_3.5.1_jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c940acb0bb5d4c0e39c1e6adb8ded26fceab274ae0708283ad3c5e7269bae7e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.btolat.com/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44Tnl%2BKJcJrvkd9ulg3mOtasHrImISep5RTXvGEjDzmBCscR0L0OuBVFTdxviaEA1vOt441YLR5GHFBUgXeg3%2FgJ6kujtpwsVIyy24yUqiqH3C8ncFDlVqryrRnisrWgzHW%2F5C2xAYRstcKrxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
private
cf-ray
84f3f6266f5d4bcd-BUF
alt-svc
h3=":443"; ma=86400
content-length
9
boxl.jpg
img.btolat.com/2023/12/9/photogallery/688/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/2023/12/9/photogallery/688/boxl.jpg
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5871174e0b2816ab64e1819e8ba696cc4e3620cb439d82e3b69ef2352737b4cd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
23183
last-modified
Sat, 09 Dec 2023 16:59:49 GMT
server
cloudflare
etag
"72f7ec1ec12ada1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLbtYef5f8V5z1mbanaQ3dslS5I4DeDqDqTQr%2B4DuftDdMgzqD%2B9LirL38E7vU7MEMH%2F1l9h%2FxXpCeJCqBGalhQDUdDhruaWY5cIx1lYIFI3RJ5irswy7NYem3GCP0y5qAyKYywnIcNHr1Ctrg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6266f6b4bcd-BUF
boxl.jpg
img.btolat.com/2023/12/8/photogallery/687/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/2023/12/8/photogallery/687/boxl.jpg
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64c574e4b4b9aec5ee359b4cec763a4ecb125b18e0d6cdc6c75e14239bbefa03

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
18428
last-modified
Fri, 08 Dec 2023 16:24:09 GMT
server
cloudflare
etag
"0f4fdf8f229da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMJ4pfGyAShS0FLUX5BGl0ePVDR4NLRtosbbrszY0f2Jfh6%2Bwl6imaVW1Jikh9B3QyyMozSKOMkCSAZvY%2FzrquuCWokzgyi%2F8YfKQM1TWD1DevqNqo%2F75%2BYeGbpRAmZd%2FX6bUZ6AaqPWtHITBw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6266f6d4bcd-BUF
boxl.jpg
img.btolat.com/2023/12/3/photogallery/686/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/2023/12/3/photogallery/686/boxl.jpg
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00fbc73f4e68d34a100f178839665e9925ca33e6838a3972eaba95c9b7c88352

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
16052
last-modified
Sun, 03 Dec 2023 19:50:38 GMT
server
cloudflare
etag
"142f56fd2126da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VAdib30XLLhO6Sv4f9LzyZRxRWlbBqnWwiULSi9svZHGyxA7DRBEqDEq%2B%2F11ds2xbK9QMhMbd8IB9uXXw4oKErbZZb2JPpra5D%2BgtJxiz1gQWjsMvIEpbhuG2E5%2FCnLpr8aqWfyI9Yh4e4lQUA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6266f6f4bcd-BUF
boxl.jpg
img.btolat.com/2023/11/29/photogallery/685/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/2023/11/29/photogallery/685/boxl.jpg?v=20
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fec884d02f6b4e88e58427e9d360203f891b4bd17d5f67c2b0bdd2d1857f388

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
19405
last-modified
Wed, 29 Nov 2023 17:22:20 GMT
server
cloudflare
etag
"c375349ce822da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHvfZfwtU28DJlmujT0s763PEKEke9LU4i12vPsCjt7UCE%2FXK4d9CuWY5Hrlu1mjz%2F7HKSCtKIkgGbal5pxy8rA6adP6iUUNaFKZ5MOV10Vk7t8VHwg7EnT9xETbpaucJXrHiCcC3hwV%2BIrK7w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6266f714bcd-BUF
medium.jpg
img.btolat.com/2024/2/2/news/336428/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/2024/2/2/news/336428/medium.jpg
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66903d7fc339c501a29476768b01da8f7e3016190a5fa7a8138762aad6c6f9a7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
20813
last-modified
Fri, 02 Feb 2024 16:12:42 GMT
server
cloudflare
etag
"f8ce6ba6f255da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkfLO9Se4z4%2FV27X0TNpgU%2F1ktIRkntorZIjhs9S%2B%2Bk5UaKB6OnqCD84IHqgIlia6FuIRazd2JK1CDPDdVyqSw00CxbI4Qzco6ZVm5vmHdpv%2BBMZnWlMGlUTcYgj4Eepq3jRCT8DxQ3z056IDg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6268f844bcd-BUF
medium.jpg
img.btolat.com/2024/2/2/news/336431/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/2024/2/2/news/336431/medium.jpg
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68f33dec93b3fbcce8ef912d1e754b1d195e90120ab867132b9c43706151ef24

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
18853
last-modified
Fri, 02 Feb 2024 16:45:02 GMT
server
cloudflare
etag
"7eefea2af755da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3r8FMpja9AIVOu%2Fmw1MP%2Fe3hzL%2BDsXV94gEFqRfJRKgMQ0byP%2B4OpALIDXZI6ocH%2FM%2FRE8uHK5L0i2PKKiuNf9sYhj4Y9p6D1JPXC70CayRLXGjRvEYJVGXTBkUFUIh2uLpzJRhXcqCVpt0kOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6268f874bcd-BUF
medium.jpg
img.btolat.com/2024/2/2/news/336429/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/2024/2/2/news/336429/medium.jpg
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06a5906acf4db557646d52372985803b866900b2827c64b16b0d072431165232

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
23398
last-modified
Fri, 02 Feb 2024 16:20:07 GMT
server
cloudflare
etag
"9fbbc8aff355da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BC%2FwK5Qmf%2B%2BIMCl%2BMjaVne%2FM5zIoA3grpMIr9qN3JKpKdHn%2B4gXE0aDnOn5mcxhHbx2sSLymIUIAAU6XzFGcfWW2QqQyZPWHZMUO8uoq1AQ2TaO8f%2B%2FSzM5%2BTuKYTzUHr77QqjnCtkH%2FrO0FdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6268f884bcd-BUF
medium.jpg
img.btolat.com/2024/2/2/news/336414/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/2024/2/2/news/336414/medium.jpg
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
987276ad08d30939966de1f4095ae854f1b897a4b81004aa6ca73f52db285e66

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
20235
last-modified
Fri, 02 Feb 2024 13:42:03 GMT
server
cloudflare
etag
"540b39add55da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hTIAj6vOOZwdE3%2Fcxs1UjdmPCj%2FLDxv%2Bv6wCwpIeWSEk6lP92hUHg8gN7g8FVtZQaEf63tRJPOQ1btL4DM0r7XLmlQ25Adjq0KczTpiW4721N5pK2eEJOCk9qPagkBYKstD%2BvPeTCWhotzTpA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6268f894bcd-BUF
medium.jpg
img.btolat.com/2024/2/2/news/336423/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/2024/2/2/news/336423/medium.jpg
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4328d7fd75e056c121030d8c8784560c9e0c442e07485d6c29ef849fa675a1e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
7236
last-modified
Fri, 02 Feb 2024 15:21:17 GMT
server
cloudflare
etag
"a66b9877eb55da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnhRaWNZCM41XgRawx9r0bso1Yr14fDIjJFgTLH00KVQ68uUW2LuhDS2TCOuiO1XUPN00LiAqD5HsFkdPpu64QIMdRwF7oD%2Byi2KeW2OueM5CTSh2dzWa8PpUDmDLVAPVoSzDPEyGuPEMvhH4w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6268f8a4bcd-BUF
medium.jpg
img.btolat.com/2024/2/2/news/336432/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/2024/2/2/news/336432/medium.jpg
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cca105a0c09196e6f90934724a2870903f11f52200da693f399155a5f6ada8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
11454
last-modified
Fri, 02 Feb 2024 16:49:34 GMT
server
cloudflare
etag
"b0b38cdf755da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eo%2BNM%2BenNUPyRZXyu3qrR%2BH1w2hAR2Cp%2FtcM1t9067o7k008qFwfGY7LStYQ7IuUKBAhhxMSELGge4TsYRkAT2y31I0a7su92HZcs8cml03Zx66o9DtLlY2LSWpVu7LxKIL0IK1TnI39I72P4g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6268f8c4bcd-BUF
medium.jpg
img.btolat.com/2024/2/2/news/336406/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/2024/2/2/news/336406/medium.jpg
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6592044a6fe7196d2c94fd47b47174b82af18d8a4bd3d1c7e8326663d506a4e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
13848
last-modified
Fri, 02 Feb 2024 11:40:03 GMT
server
cloudflare
etag
"6be4e48fcc55da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yZrPzxE%2B%2FNpjCenesNkJ4M%2F4F%2BhnATp4dOTaWLpvGYsynIGFh60wvm7wCEwTTLm%2FW%2FnwjA3vC1Ob95dfqywaM6ifb8vEfWbHl5f1Ia2J3t4LPJbf%2FJ%2Fp5MkFJ%2FVJzDveMYtRqOqXNi6CZV8UbA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6269f8e4bcd-BUF
medium.jpg
img.btolat.com/2024/2/2/news/336430/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/2024/2/2/news/336430/medium.jpg
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
976874c659c57019b3aea59421a6b09746551c14bb0348b695b3138f2dfd9e5d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
14925
last-modified
Fri, 02 Feb 2024 16:40:18 GMT
server
cloudflare
etag
"5a9e6d81f655da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFOh246ahAodsY6YSO4HSKv1b2dFghRLKa7We44x63jNpiySW3sH8wruY446Cc4nbIyt%2FUGbH5gTzAjOZXIcTy40IvRIL%2Btc4PMq5JIT4lpBtkeN6V1zORxVS83tjFTcESz17%2BfV0Q7rbBwbhw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6269f904bcd-BUF
medium.jpg
img.btolat.com/2024/2/2/news/336427/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/2024/2/2/news/336427/medium.jpg?v=55
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45525d7344ce66396376e0d74934921bd1249227825c9997ed3753bef99997cd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
20539
last-modified
Fri, 02 Feb 2024 16:08:55 GMT
server
cloudflare
etag
"3fc21d1ff255da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YuARaFW7uuJtmrWbyde78LlVXybnmvqu1SbzBNJtFmhPh2wgWSzvvCFfFzj8aYnxKSo059IbcD7K6zjqAFr2j0MVQwczMpikaXdcthS8L%2FcWNNyrQbibE9pRUMh0qURIzS2bf3Qccady%2BSoFhA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6269f914bcd-BUF
medium.jpg
img.btolat.com/2024/2/2/news/336426/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/2024/2/2/news/336426/medium.jpg
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dc5eb5a1c1047fe35716d547f786b2e6dab88eb710055dd6e17fdd67905ba2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
13481
last-modified
Fri, 02 Feb 2024 16:03:10 GMT
server
cloudflare
etag
"27d56751f155da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQL52HYmmRY%2F1EeI9OZqPZwmKY1xzAKhoIDCgcN3MY7mc5C%2BvLPtJnIz9qUfho16Rs2Tkz50p3AOcSzxNA8xVKU8oncxHNDyZKfyDVG4jZ9HPP9TWKGlSn741PC8Q9Q1SBZt%2BKLDn3646VUBSw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6269f934bcd-BUF
medium.jpg
img.btolat.com/2024/2/2/news/336425/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/2024/2/2/news/336425/medium.jpg
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
267bcaa6d5c8b423764b143f8cc0d50986cc404efaa6b38deb9927d7a01460d8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
9936
last-modified
Fri, 02 Feb 2024 15:46:53 GMT
server
cloudflare
etag
"b87952bef55da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vW0HtZNpbWt%2FrVTemCzaVkD5r6L%2BKoPFj34gOXBDhIkjGjP1%2B24bO1ZSjgplxgxBq%2BCvmPBxv6gC%2FoqzKKAVu3%2F3aAWPJ98isj7YizjVVN%2FGnFAqOaoifkmrUVekthOcjScFpv6R7vxiU1hong%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6269f944bcd-BUF
medium.jpg
img.btolat.com/2024/2/2/news/336424/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/2024/2/2/news/336424/medium.jpg
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec6f2a376e33e43dd0ac32946a6fed1e1b865f258886da1d1d8aa800ad4d694

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
7829
last-modified
Fri, 02 Feb 2024 15:41:01 GMT
server
cloudflare
etag
"ac123f39ee55da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a71V1UkNlh2QYHP3PixAC3auucJplSqE2yMPCp9oC08zbb8OAM%2F8gO6Q3qne9XUXJcOIIAOhDCG9wTJYDPTA9Z%2FlNJrJhxDEg9y%2BYIky2RRLLGS1j%2Bse6RtisQdH8%2FRjWOGVA15cRwGd1tOZSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6269f954bcd-BUF
medium.jpg
img.btolat.com/2024/2/2/news/336422/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/2024/2/2/news/336422/medium.jpg
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59289e96a9b37e4668081ef40bd08bff0af822699ee8a23b8c8c1424f5717720

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
8203
last-modified
Fri, 02 Feb 2024 14:57:57 GMT
server
cloudflare
etag
"13503835e855da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beE8X5A2ePCRh8GB61%2B1zWmzys%2BQ2lSXDEht4HlMfUQ35RX2yOujpyn52DMhh8Es1Mzwr7Em6Zb0Hw0GTTuaBC9GGSD6Sq%2B7lNwgrL7pmkl2WjoLIbEYJZd12CXzfV8DBnPotd8A4To9ue580w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6269f964bcd-BUF
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/ 		436 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
208e5d881a92d84ae1c0e296c5bafe669ec7ac8f87ede263ff5a84de441bdb55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 03:24:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
48638
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139485
x-xss-protection
0
server
cafe
etag
9760076492862216199
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 01 Feb 2025 03:24:45 GMT
16837.png
img.btolat.com/teamslogo/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/teamslogo/16837.png?v=45
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff66c7021cb249375c8249c2a22f7b78a907d179a42f510de3acd707b44b4d6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2542
last-modified
Mon, 22 Jan 2024 00:00:00 GMT
server
cloudflare
etag
"aab70f1c54cda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oht8oWhBA4eciIW97fw52YjVbeyJayzpqDSEBNpuzyFdCeSGP2lrbIyVZafI1sFVUPpVlOZjjpEzhajniqwIjquTzg7rzknslqW2IA0xNoa3zStEyfHKkys0Cispmn3%2BASCK1Pzy9X5NdZuCNw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f626afa64bcd-BUF
12196.png
img.btolat.com/teamslogo/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/teamslogo/12196.png?v=438
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
694862fded68c26a6d846df4aeaefab129f532681e387581707ba132837ffbb5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
20591
last-modified
Mon, 29 Jan 2024 00:59:53 GMT
server
cloudflare
etag
"28f3f5774e52da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rG%2BBr1IR7AVUTkA5fnHuEmNM0FHbd4bg0oiQrVIvGT%2BG6QMBWL4FqX7N4RXZPwHhnkUrZUdsUbG47Nm5ZrwKswjCJBFL1KK%2Bjb8BjGyTVfudKQ4A%2FfLkd5Cs%2BmvLCxxjCcmSWtjaC1RL2f2%2BzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f626afa74bcd-BUF
13584.png
img.btolat.com/teamslogo/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/teamslogo/13584.png?v=738
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38b93a380a25062cc97b648adf99e681b5f5ac899d618e4e5138a8fff0d8e581

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
18463
last-modified
Thu, 18 Jan 2024 00:20:29 GMT
server
cloudflare
etag
"a2a28a24a449da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWlvce1bEsLk8wdKsx1yrZWFvg34pufHRn623WOmtgIgI93F1DngbdAq%2FGsQGZG%2BgJD03%2B1b3ZLAVhFr8YBYmd8jjCj280JlEM%2Bp0OySGJTK%2ByQE%2FnkIMcQ%2BNl6KSAQ44h3PAsnGif%2FVeCLwag%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f626afa84bcd-BUF
5842.png
img.btolat.com/teamslogo/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/teamslogo/5842.png?v=611
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00760f0f99baca15aee36219035d322b28a51c435c1576984a4cbaeeb9484814

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
13899
last-modified
Tue, 23 Jan 2024 00:29:59 GMT
server
cloudflare
etag
"ab26474c934dda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OxpzyUqJP5ObqfR53oqo9nVfI7mERJfdED3c7eyUMKOjvLZUop1kLO59NLMeBHdqZYFyYw18XDdFf2Q8saVNWPUIq5t%2FSp%2FlfdQnRHSxDN%2FB9luWReSXHwp8zHrX%2Bez0r1SKghCI1x5wf4kaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f626afa94bcd-BUF
10433.png
img.btolat.com/teamslogo/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/teamslogo/10433.png?v=19
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88dbd445a9da748d92e5c6377c32a461cfb02bab123007b08241ce50af040889

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
10559
last-modified
Fri, 02 Feb 2024 00:08:26 GMT
server
cloudflare
etag
"63a5ef16b55da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQejmMUsbfykhJmgWzv9ooku%2BlygYqKIZ4cDUIHsTPvxnHpgwmr%2F4AsmOj8atWFtOBPbydmRqCW5gdOEUO%2B9Nn%2Fn41TAvqGOfTeP5JsvExm3raCr2e%2Bq9SlAiJ%2B5Bo2hj%2FG83aBE7xuQSKfaOg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f626afaa4bcd-BUF
10303.png
img.btolat.com/teamslogo/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/teamslogo/10303.png?v=44
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
448d631ee06f79f0281913f71dcbd540551f7e274d9f6da67d6cb04942f371ca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
10804
last-modified
Fri, 02 Feb 2024 00:09:44 GMT
server
cloudflare
etag
"acd1df1f6c55da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXfuV%2FfJKSNQDBIVpw%2Fg8bvnwT2owsfAFvR7LRds%2B5wiV7iZrnOdMFSnt%2BInt%2Besym1h87OGJYGP3N1yD4JbubuQR6fR3qjbODYSKsdQQS1OQOX3%2BGSvWIGNXvlDikLpVjYcySqy3s%2FnDp9Q%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f626afab4bcd-BUF
10124.png
img.btolat.com/teamslogo/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/teamslogo/10124.png?v=179
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9a5dcab9c4f4abd7b573c15c8e645ed53d3108e09c4e4253ddc1fba49d6c34d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
13117
last-modified
Fri, 02 Feb 2024 00:04:24 GMT
server
cloudflare
etag
"b35e38616b55da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjVRXDHyu%2BA%2BJoCWRdi%2Fj8EiFUoF5h%2FBG3ib8Q9OzNYdQldJJ1I6nmMAuQMnHGzzVBlERDscWrX11HxzALd2FrEcWNUtRZWf1Lxmce5LhB5PcqdocZuCO4eHxqVoUgHWUuHb9H5xrvo6aYZKJw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f626afad4bcd-BUF
8173.png
img.btolat.com/teamslogo/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/teamslogo/8173.png?v=991
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ef57e3b68e991e7f960f5d5a82a179d01df0ca2dfcfc5919496610b1f112bd2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
18810
last-modified
Wed, 24 Jan 2024 00:31:29 GMT
server
cloudflare
etag
"22d08fac5c4eda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2B46RgSujqSOlZ%2FvAehUxmpWrBIjUjwHMYEm6qn3puRZ6%2F7xrP2nsTjg2DfCz1lIgVSDoNZB8DgczAa496fvydOGuilZy1TRhEsLoEJdPtF%2BaiVy5I2M9fjfygEVRs%2BaiPHJdnUdldgq45pdNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f626afae4bcd-BUF
10963.png
img.btolat.com/teamslogo/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/teamslogo/10963.png?v=53
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f06f40eba9a86a026036462084bee29b78224fb6aeb84ffe1f47dd147c72352d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
12069
last-modified
Tue, 23 Jan 2024 00:23:25 GMT
server
cloudflare
etag
"86621a61924dda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3FFltePN6h6eCZxZXZ3THlH9mq2eqlxMFmP19hnfRetz3z4%2FJpDXHbwIJ1srgVpIuLIo%2FfK1ThsXaFlr2Ye46Od%2FpM3NHpkT2%2FjPDgjG5MqiSZbpY1fmhgqjX0tEZW9%2FHVLsiUWs%2FP%2Bqip5fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f626afaf4bcd-BUF
iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame A3BD 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.btolat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
age
798397
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
84f3f626ce224bc9-BUF
content-encoding
br
content-type
text/html
date
Fri, 02 Feb 2024 16:55:23 GMT
expires
Mon, 04 Mar 2024 16:55:23 GMT
last-modified
Tue, 07 Feb 2023 10:27:13 GMT
server
cloudflare
vary
Accept-Encoding
x-xss-protection
1; mode=block
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=294875567365157&ev=PixelInitialized&dl=https%3A%2F%2Fwww.btolat.com%2F&rl=&if=false&ts=1706892923974
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13f:83:face:b00c:0:25de Düsseldorf, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 02 Feb 2024 16:55:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
106213651
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/106213651?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ab465db07b3c68f6a87bf94194e8a4c0df8afc4be157fc670189e36e7355382
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VCPmQbeCJ_Po84lg32UZ8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:24 GMT
content-security-policy
script-src 'report-sample' 'nonce-VCPmQbeCJ_Po84lg32UZ8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJwNxr0LAXEYB_C7J4-4JLF4KZPhUspoNhksLBSZlKRkksVN5z9QvxtsRmExGAwGo1wmxGDhkCxeFgbf4VMfZSFHlaCUUYOSmTzQBtaRE-2gLZ2pA8fcmS4QVy1KQKNmUQvk34Wc8HhdyfW-kh9UeARu9IFpOmW75wQrecH2lmA3lDTBdXCPBMfGgidLwTMoWoLL0GeDB9DNGNwDvYBDsmJwFp5Vg7_Q3K9YA1_Y5BB4XY7f7DW0e47buS7_ASwgV3U"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8D6S73ZBHH&gtm=45je41v0v874051100za200&_p=1706892923529&gcd=11l1l1l1l1&npa=0&dma=0&cid=607451407.1706892924&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706892924&sct=1&seg=0&dl=https%3A%2F%2Fwww.btolat.com%2F&dt=%D8%A8%D8%B7%D9%88%D9%84%D8%A7%D8%AA&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=996
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8D6S73ZBHH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.btolat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
projectagora.min.js
palibzh.tech/libs/ 		367 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://palibzh.tech/libs/projectagora.min.js
Requested by
Host: pahtuo.tech
URL: https://pahtuo.tech/c/btolat.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c09919f06ceb799754bfe3810c1955cb270dc433e8eebe6c55ffac70db4b732f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:24 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
F2K4VEJ5SVXB6MNY
age
4027
x-amz-server-side-encryption
AES256
x-amz-meta-version
3.20.0
alt-svc
h3=":443"; ma=86400
content-length
104452
x-amz-id-2
9cn2cZN5QAIOXURqBVrz5yKtb1Mh2tSscknKOSuBqT767nnbbAsIu+1lWIaPYeSr/VZ63F3CPd4=
last-modified
Mon, 22 Jan 2024 12:32:42 GMT
server
cloudflare
etag
"edf92d9be2cd081a45cfbe08e49a0092"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2N%2Fe9cD8q2HyJmmPEJdscXglWpcI5ZjWt1YyeldNxo6sjI6jlj7OgvQJP6%2BM4qhRTFa6mXPzs1FEET92aQvenxaDRdfEmIoOZYRyzCsawdj5OtiRs%2FFSbKQRhOu17b7OGVr%2F4tqOMWohIdU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84f3f6297f924bc9-BUF
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=219054418138691&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.btolat.com%2F&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=770e98f06eebec55f454c7030d5fe69d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13f:83:face:b00c:0:25de Düsseldorf, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=()
strict-transport-security
max-age=15552000; preload
date
Fri, 02 Feb 2024 16:55:24 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
reporting-endpoints
coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
G36U+ChjNi8a2QD+78lcSlZxGtEtL5zI6RjaPgx8ow45HP55RZp7JPNIlQqzkLD2bYiSL4Vi2sPkj3+kqUk2Kg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.btolat.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
expires
Sat, 01 Jan 2000 00:00:00 GMT
AGSKWxWE0QrATvjIWWJaPFuGhbiab2mLLb3A2Uqllc8qPW0VXMgrnmPhO0RIlVN9d0i9tNQCuhocORtntpGAbuNdxCUOn6mIoMTCCUUgLM7TyVLPvuFB6AMKef4mwuLn8lGbOiuqLtkrEg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWE0QrATvjIWWJaPFuGhbiab2mLLb3A2Uqllc8qPW0VXMgrnmPhO0RIlVN9d0i9tNQCuhocORtntpGAbuNdxCUOn6mIoMTCCUUgLM7TyVLPvuFB6AMKef4mwuLn8lGbOiuqLtkrEg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2ODkyOTI0LDM2MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuYnRvbGF0LmNvbS8iLG51bGwsW1s4LCJEVmo2azJsUUtVcyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.DVj6k2lQKUs.es5.O/am=wA/d=1/rs=AJlcJMworyhFgXmYbi3tXdGV6oQwMuLjDQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d19c87e85872d6887423a9678b920c857c2ee69b771159374406af5e882bd99c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-YCpkf1aalVcQaa4BOzcGoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:24 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-YCpkf1aalVcQaa4BOzcGoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNxj0IAXEYB-C7N6-4JLFwymS4lDKaTQaLWygyKUnJJAsTm1H9b7AZ5WMwGIxGkUlisLhDsvhYGPyGpx5lKUcUVdI1VdokjrSDbfhMe2hKJnXglDHpAjHNojjUKhY1QP5dyAmP15Vc7yv5QYNH4EYfmKeStntGsJIVbG8IdkOhJbgK7rHg6ETwbCV4AXlLcBEGbPAQemmD-9DO4ZAoGazDs2zwF-qHNbfAF9pwELwux2_xGtk90-5uJf8BK6NXWQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:24 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
6652b440c8b2c5d5d925a4a07592f597
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-28.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:07:04 GMT
content-encoding
gzip
via
1.1 609b92127df3778f333c9eba7213368e.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
31701
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
nbPzPtcXwyW3lvL8A6K3UOhRge0uttE7nfm82kta5clOLGET60DqDg==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 09:44:46 GMT
content-encoding
gzip
age
285038
x-guploader-uploadid
ABPtcPrC-6N0WNjzkM5qAh9JaWJNUVWmAuT0EUNe79SUUOq5-JbFZ2q1o6Moq1ulXJNw4mtxq8o8E0tUjSpY48-eCIAGww
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Wed, 29 Jan 2025 09:44:46 GMT
connectId-gpt.js
connectid.analytics.yahoo.com/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:7a00:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:45:45 GMT
via
1.1 64142199656297b56ef863f9ccc0c102.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
EWR50-C1
age
580
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8730
x-amz-expiration
expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Tue, 17 Oct 2023 13:17:45 GMT
server
AmazonS3
etag
"c46e30de24d0f12167e302e9e32ff4a5"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
dXdoh-C8pBpcx98gSy08bGBNvSqaH1jtCVyfp3a1hl2FZtbFlVNH9A==
publishertag.ids.js
static.criteo.net/js/ld/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 18 Jan 2024 07:12:05 GMT
server
nginx
etag
W/"65a8cf45-a585"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 03 Feb 2024 16:55:24 GMT
ob.js
cdn-ima.33across.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c053296a9992bdff00722df969399ef088f8cc97b3c61811d94fde5dcb039967

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 01 Feb 2024 19:04:32 GMT
server
cloudflare
age
77290
etag
W/"65bbeb40-42d0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
84f3f62a2e5436ff-YYZ
expires
Mon, 05 Feb 2024 16:55:24 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 02 Feb 2024 16:55:24 GMT
x-content-type-options
nosniff
content-encoding
br
age
33235
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-ewr18144-EWR
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
459 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3625675438570024&correlator=3732250650196147&eid=44809527%2C31080583%2C31080117&output=ldjh&gdfp_req=1&vrg=202401290101&ptt=17&impl=fifs&gdpr=0&iu_parts=283733231%2CIdeaProgrammaticBtolat%2CBtolatInArticle&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=1x1%2C1x1&ifi=1&didk=4240517600~2034687731&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1706892924388&lmt=1706892924&adxs=-9%2C-9&adys=-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.btolat.com%2F&vis=1&psz=0x-1%7C0x-1&msz=0x-1%7C0x-1&fws=2%2C2&ohw=0%2C0&ga_vid=607451407.1706892924&ga_sid=1706892924&ga_hid=1947632324&ga_fc=true&dlt=1706892923419&idt=686&cust_params=Btolat_League%3DHomePage&adks=1219129674%2C3205783397&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e30d6717652f18a09e428f20e56b75edd6b4df7507630c4a874bf86e01fefc8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
429
x-xss-protection
0
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.btolat.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		762 B
365 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3625675438570024&correlator=3732250650196147&eid=44809527%2C31080583%2C31080117&output=ldjh&gdfp_req=1&vrg=202401290101&ptt=17&impl=fifs&gdpr=0&iu_parts=168615412%2Cbtolat-special-header-desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&didk=4200387789&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1706892924396&lmt=1706892924&adxs=800&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.btolat.com%2F&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=607451407.1706892924&ga_sid=1706892924&ga_hid=1947632324&ga_fc=true&dlt=1706892923419&idt=686&cust_params=Btolat_League%3DHomePage&adks=4015565580&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b49c6d520de3d26aef1c81662067c909f9c07a0a6ecbde2ad6be85d818e3ff68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.btolat.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		37 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3625675438570024&correlator=3732250650196147&eid=44809527%2C31080583%2C31080117&output=ldjh&gdfp_req=1&vrg=202401290101&ptt=17&impl=fifs&gdpr=0&iu_parts=168615412%2CBtolat-2019-DT-Leader728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x250&ifi=4&didk=3192068453&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1706892924399&lmt=1706892924&adxs=767&adys=82&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.btolat.com%2F&vis=1&psz=1390x90&msz=1390x90&fws=4&ohw=1600&ga_vid=607451407.1706892924&ga_sid=1706892924&ga_hid=1947632324&ga_fc=true&dlt=1706892923419&idt=686&cust_params=Btolat_League%3DHomePage&adks=1278542363&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
32856bc4de87892e7671ba2248927affca75a631b5dcd006d110dcf6e67d8b5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15088
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.btolat.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		64 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3625675438570024&correlator=3732250650196147&eid=44809527%2C31080583%2C31080117&output=ldjh&gdfp_req=1&vrg=202401290101&ptt=17&impl=fifs&gdpr=0&iu_parts=168615412%2CBtolat-TakeOver-120x600-Right&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x600&ifi=5&didk=3812379096&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1706892924401&lmt=1706892924&adxs=1355&adys=180&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.btolat.com%2F&vis=1&psz=120x600&msz=120x-1&fws=4&ohw=1600&ga_vid=607451407.1706892924&ga_sid=1706892924&ga_hid=1947632324&ga_fc=true&dlt=1706892923419&idt=686&cust_params=Btolat_League%3DHomePage&adks=1262678493&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
635b2462bbb926bf5b5e1dfb2287e7886ee8a11bb41f24773a4a885e12041636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15063
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.btolat.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		37 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3625675438570024&correlator=3732250650196147&eid=44809527%2C31080583%2C31080117&output=ldjh&gdfp_req=1&vrg=202401290101&ptt=17&impl=fifs&gdpr=0&iu_parts=168615412%2CBtolat-TakeOver-120x600-Left&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x600&ifi=6&didk=3862491739&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1706892924403&lmt=1706892924&adxs=126&adys=180&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.btolat.com%2F&vis=1&psz=120x600&msz=120x-1&fws=4&ohw=1600&ga_vid=607451407.1706892924&ga_sid=1706892924&ga_hid=1947632324&ga_fc=true&dlt=1706892923419&idt=686&cust_params=Btolat_League%3DHomePage&adks=3177319226&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6be3691a31a8a23215b3ce32e0ab14b3aafcc24582bcf3a89f24696c9175ee54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15475
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.btolat.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		37 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3625675438570024&correlator=3732250650196147&eid=44809527%2C31080583%2C31080117&output=ldjh&gdfp_req=1&vrg=202401290101&ptt=17&impl=fifs&gdpr=0&iu_parts=168615412%2CBtolat-2019-DT-inner1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=7&didk=913269352&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1706892924404&lmt=1706892924&adxs=253&adys=185&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.btolat.com%2F&vis=1&psz=305x250&msz=300x250&fws=4&ohw=1600&ga_vid=607451407.1706892924&ga_sid=1706892924&ga_hid=1947632324&ga_fc=true&dlt=1706892923419&idt=686&cust_params=Btolat_League%3DHomePage&adks=3525699108&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e22cf2d03790bd796ac7832bd144ff64bd4690eb623e1312c2a35223e0fdf651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15073
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.btolat.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		32 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3625675438570024&correlator=3732250650196147&eid=44809527%2C31080583%2C31080117&output=ldjh&gdfp_req=1&vrg=202401290101&ptt=17&impl=fifs&gdpr=0&iu_parts=168615412%2CBtolat-2019-DT-inner2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=8&didk=2712031584&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1706892924406&lmt=1706892924&adxs=253&adys=888&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.btolat.com%2F&vis=1&psz=300x250&msz=300x250&fws=4&ohw=1600&ga_vid=607451407.1706892924&ga_sid=1706892924&ga_hid=1947632324&ga_fc=true&dlt=1706892923419&idt=686&cust_params=Btolat_League%3DHomePage&adks=2571400492&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a26256a8778601e660015386ca9f60bb9d6ac7f82919ac481e59e13b95c66b91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13159
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.btolat.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		762 B
368 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3625675438570024&correlator=3732250650196147&eid=44809527%2C31080583%2C31080117&output=ldjh&gdfp_req=1&vrg=202401290101&ptt=17&impl=fifs&gdpr=0&iu_parts=168615412%2CBtolat-DT-matche-widget-strip&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=9&didk=1818017652&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1706892924408&lmt=1706892924&adxs=253&adys=1153&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.btolat.com%2F&vis=1&psz=300x35&msz=300x-1&fws=4&ohw=300&ga_vid=607451407.1706892924&ga_sid=1706892924&ga_hid=1947632324&ga_fc=true&dlt=1706892923419&idt=686&cust_params=Btolat_League%3DHomePage&adks=3074082707&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2ef13b5c1ed2e49541d3022b03af51f5c4d9ce2216765d0b2058ac38c38e115
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
338
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.btolat.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		32 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3625675438570024&correlator=3732250650196147&eid=44809527%2C31080583%2C31080117&output=ldjh&gdfp_req=1&vrg=202401290101&ptt=17&impl=fifs&gdpr=0&iu_parts=22892919920%2CBtolatFooter2023&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=10&didk=607409652&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1706892924411&lmt=1706892924&adxs=0&adys=4292&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.btolat.com%2F&vis=1&psz=1600x4292&msz=1600x0&fws=4&ohw=1600&ga_vid=607451407.1706892924&ga_sid=1706892924&ga_hid=1947632324&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRjhq_zV1jFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjhq_zV1jFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGOGr_NXWMUgAUgIIZBIZCgpwdWJjaWQub3JnGOKr_NXWMUgAUgIIZBIXCghydGJob3VzZRjhq_zV1jFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y4av81dYxSABSAghkEhQKBW9wZW54GOGr_NXWMUgAUgIIZA..&dlt=1706892923419&idt=686&cust_params=Btolat_League%3DHomePage&adks=3517830795&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e87644e84a33dc50bfd9966a34164d76e0f6548764f64038030762643e1a4bd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13083
x-xss-protection
0
google-lineitem-id
6383636573
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138446714762
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.btolat.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3625675438570024&correlator=3732250650196147&eid=44809527%2C31080583%2C31080117&output=ldjh&gdfp_req=1&vrg=202401290101&ptt=17&impl=fifs&gdpr=0&iu_parts=168615412%2CBtolat-DT-Pop-Up&enc_prev_ius=%2F0%2F1&prev_iu_szs=780x400&ifi=11&didk=1905319899&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1706892924415&lmt=1706892924&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.btolat.com%2F&vis=1&psz=780x400&msz=0x0&fws=132&ohw=1600&ga_vid=607451407.1706892924&ga_sid=1706892924&ga_hid=1947632324&ga_fc=true&dlt=1706892923419&idt=686&cust_params=Btolat_League%3DHomePage&adks=1753927974&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
636d68e98abb3093d409eeffa6710155c12925357e2899b8babded67b8ab4d3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17821
x-xss-protection
0
google-lineitem-id
6487085436
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138462685549
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.btolat.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		753 B
361 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3625675438570024&correlator=3732250650196147&eid=44809527%2C31080583%2C31080117&output=ldjh&gdfp_req=1&vrg=202401290101&ptt=17&impl=fifs&gdpr=0&iu_parts=168615412%2CBtolat-DT-Footer&enc_prev_ius=%2F0%2F1&prev_iu_szs=570x570%7C950x610&ifi=12&didk=3675508222&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1706892924417&lmt=1706892924&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.btolat.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=607451407.1706892924&ga_sid=1706892924&ga_hid=1947632324&ga_fc=true&dlt=1706892923419&idt=686&cust_params=Btolat_League%3DHomePage&adks=1131002856&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37cc46a339a99df831a46660024db89cf62243b8259093395130ee189b9baf7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
331
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.btolat.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F551 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.btolat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 16:55:24 GMT
expires
Sat, 01 Feb 2025 16:55:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxXC7sCFwoSKYqZN-sQhjt41xruJYyQh8jld_x4QD5EXAz9OBbv4eAR2Q7lquA6tk3KeygmtJM4WCYUq5zb343psVF_6zMWfLd-ox4cLOZTU5I3wiQDQvNqH2K_U5S6h9LTJgUB3qA==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXC7sCFwoSKYqZN-sQhjt41xruJYyQh8jld_x4QD5EXAz9OBbv4eAR2Q7lquA6tk3KeygmtJM4WCYUq5zb343psVF_6zMWfLd-ox4cLOZTU5I3wiQDQvNqH2K_U5S6h9LTJgUB3qA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2ODkyOTI0LDQ1MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LmJ0b2xhdC5jb20vIixudWxsLFtbOCwiRFZqNmsybFFLVXMiXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.DVj6k2lQKUs.es5.O/am=wA/d=1/rs=AJlcJMworyhFgXmYbi3tXdGV6oQwMuLjDQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
18bd1ef4da7ae613a8f15e6de33181f6697130509dee479488cf87bc68c33d0f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iHX0ZzM7fvbL0k3hqP8QNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:24 GMT
content-security-policy
script-src 'report-sample' 'nonce-iHX0ZzM7fvbL0k3hqP8QNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjusKoxSXF4KIhxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAvG7Ly-ZeL6-ZJIAYg0gfif5iukbEO_w8WB5Ez6dlStiOitbxXRWPiCOq5vOmgfEfOums-qun8665cx01j1AHPN8OmsKEC9mncG6GoinBM5gnQPELdFANhA7pc9gDQLiz5kzWH8DsW_9DNZYIC67fY61DoiF5c6zSgOxEA_Hnz1f1rIJLJiw9RUjACteXzM"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 90B5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuruS3TXSAmfUCNQd4QcEKscGjxWUPOX65387wPCN8sxqg3uwWX2kj4wPjkBahuNOW3N93CSTnXlyFIZ2BBWN30iDfawbguQh3eJc7-BUYiIl0hous9poympQcqtuL4sBRN1-bwvbcnOB5wGR93J2nFl6r3ttwLtOQrLx0b2RMnpdAbweYGDMb1ZbvH8u8B1f-GpDppRm9VfFw4kK9nZujd7r8_oyi8JUJVB28qjRnmyalxIRc7fc_7DPN94mOz8M_UDt2HAyWxWajW48tMV2jMV6kZMdYVjAP6ZyThYynoRvU9NBopqTQa-UREcAhKlkpaWTKjSZlJeu6xsYIHvscXPTzJFg&sai=AMfl-YQ--kAkOB6xbQzTbCjetK-_DsAD8OiKgEF6Ej8KP_d8SWZy6sr2okTRc_GHUvMXTWz9xUiciXM5LZIfVciroQcqBsuK9KMAzGm3jh9WVyCFk_ZDmEm8jPdAYg59fZuYmcUWK3xdn9xd9hbLykA_p8MO&sig=Cg0ArKJSzMFBVUfD-tRtEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 02 Feb 2024 16:55:24 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 90B5 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66348
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706704584918460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 16:55:24 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3625675438570024&correlator=3732250650196147&eid=44809527%2C31080583%2C31080117&output=ldjh&gdfp_req=1&vrg=202401290101&ptt=17&impl=fifs&gdpr=0&iu_parts=22892919920%2CBtolatFooter300x250&enc_prev_ius=0%2F1&prev_iu_szs=300x250&ifi=13&didk=3098427636&sfv=1-0-40&sc=1&cookie=ID%3Da15bdf139a45ea37%3AT%3D1706892924%3ART%3D1706892924%3AS%3DALNI_MahSOE45woPYzPDGDKna0f_aUC0VQ&gpic=UID%3D00000a0aa4e99c44%3AT%3D1706892924%3ART%3D1706892924%3AS%3DALNI_MbXeWq9ahdBVEiNOZjHCAYIBztcjw&abxe=1&dt=1706892924540&lmt=1706892924&adxs=0&adys=1003&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.btolat.com%2F&vis=1&psz=236x-1&msz=236x-1&fws=516&ohw=1600&psts=AOrYGsnEEd3zn2zbJxmisvu6I08fC2lfW2Ed1v_nafBOok0Krr2hWi3lFhw77914UKiHmk7dRd6dLFiAII6IcdjlSg&ga_vid=607451407.1706892924&ga_sid=1706892924&ga_hid=1947632324&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRjhq_zV1jFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjhq_zV1jFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGOGr_NXWMUgAUgIIZBIZCgpwdWJjaWQub3JnGOKr_NXWMUgAUgIIZBIXCghydGJob3VzZRjhq_zV1jFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y4av81dYxSABSAghkEhQKBW9wZW54GOGr_NXWMUgAUgIIZA..&dlt=1706892923419&idt=686&cust_params=Btolat_League%3DHomePage&adks=2063569840&frm=20&eo_id_str=ID%3D30e91780ed632567%3AT%3D1706892924%3ART%3D1706892924%3AS%3DAA-AfjaDJVy8i2NVOVIPfGlDMu86
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7261a095f6a950e9538bf928b7317e430ae3e93df8f71adab790d8c2426f8db4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12174
x-xss-protection
0
google-lineitem-id
6383625359
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138446669028
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.btolat.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
map
bcp.crwdcntrl.net/6/ 		235 B
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-47.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
efc67378ced29a88fbc6b164f6692b38ea1223baecaa63c08ca11e4c38a7a1c6

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:24 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.btolat.com
cache-control
no-cache
x-server
10.40.51.12
access-control-allow-credentials
true
content-length
235
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 3C82 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu93VThgTD_4xCQcHVh8b5fp9QZS2nalZUvT7Fk0TVCrG_xlY-SxCvDIMfb_UjUEwRmYqNCxQ7UfAbHiZO8f2uYSq5z6SVcnfOpUiOvg-pti00yNDEO9bdSD32vVAlemkHtxoBa4rUdJCF955tDXQUT6xije_9Izjknf83JmRbgl6MnWOq5Qbud_PGoiFhvFzhNcu69xeYvnyLZ0nVuMl8rjH4QXFW3S6oFzBUTn4wA7WmrH1dR5CYuTfXZ1YsQzUs0DRhlcx2rdDT2h_oMdz69tHjFnrJx3uSqipdHuRs8BgVhBVqmtuJn6sE2GisOrzzJwn1ZAC6EWzrzcFqvXrGX7ddPWwWi&sai=AMfl-YR11ixncS6AyoDfmsSkdVDa6p411Y6G3T-pwUlB9LP2rh4bGs06dOy_9-UQ-kA3-rC953NNjCze7rSzNgL6rAwYV0xRynjZuwhCPvfrYgfMIt4a99LbZ1TRO98xlCE&sig=Cg0ArKJSzNQwi2JoMKK-EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
img.fetch
udmserve.net/udm/ Frame 3C82 		33 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=16003;tid=1;dt=6;
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
5b9110f4a676d82b42d6b9c8d5ce8dcb0e6e12b0bba2fe48797a7dffa035d164

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Feb 2024 16:55:24 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Type
application/x-javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Expires
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3C82 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66348
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706704584918460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 16:55:24 GMT
truncated
/ Frame 90B5 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9a154981209d7542f36896441213e446e902e35164853363425574ec9fbae0f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 90B5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIiMqQ6DWQcIN3D00BPOdDYCJw3KrXYt0AaTf3mm6WU583fCTxcsmXPkAUSIsZ2uxePl-0lxEeOsne854LigzNQq2E1KXxiHAaymh2g6ndmZjX1g8AM1CUZhxUDd2rtbcl3KovdB9KeoqY2377vN7K0ybJ5JTT18wpXSvi2rL70OGo_k-W5jOGxIxKGikTHRMbfAXum7GbtzOhOYMn0gkddCE46t6i0MTIDffp_ALR3b7pzspwIV3aJn3itPbwcnM1vzeKcqO6UtJIK5v8BO_hiCgBTBLPcX4bg7MVzkQEdM7_Wo6uulUOW8XMe2A3r3t5eWPAKIUYSeLcFJ9T3dKbR_fSTrSU&sai=AMfl-YS7AlD_c7e2lhZz5ftyWXeP667jleHDp8grzx9CzJe_2G56UzukthlEsoE-XkuM2Dn7ON_7wFZzaLhesM0NXHoL_Kp1UWAqGk721SuEoCH2OsYi_4A4FlNM_qUhgNGMI-YHc764T-3uEbyvvbd7Xgce&sig=Cg0ArKJSzBSSUo965dB-EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 02 Feb 2024 16:55:24 GMT
truncated
/ Frame 3C82 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f37cc32c3fd02c1228e56d5e83fb828af5a4fe324eec4ae0a970ec8a4f4434c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012401091919000/ Frame 7AD4 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e874111442f36d488f5e4a7f742391a8c02b70c60b333454fe4f85a3b26e3d5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Feb 2024 09:15:02 GMT
age
114023
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56104
x-xss-protection
0
server
sffe
etag
"cf7caf439f3410f8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 31 Jan 2025 09:15:02 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012401091919000/v0/ Frame 7AD4 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d79a688e4e23466eeee3ab0d7d3a99a0588b1aa1c7ae0f4fedfbd498c9022eb4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Feb 2024 09:11:31 GMT
age
114234
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5212
x-xss-protection
0
server
sffe
etag
"d5f0e0ea1e5219b8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 31 Jan 2025 09:11:31 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012401091919000/v0/ Frame 7AD4 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36726fd194e9e08908bb49a382c3fe0b70ee41d480b09869b5aa70c81fcabe7f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Feb 2024 09:11:47 GMT
age
114218
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29119
x-xss-protection
0
server
sffe
etag
"7ed328db9ca95286"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 31 Jan 2025 09:11:47 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012401091919000/v0/ Frame 7AD4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
643fe707091c6e32630daf29adabf146aea6096d30af0367bcddbe54c19bcad0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Feb 2024 09:34:02 GMT
age
112883
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1910
x-xss-protection
0
server
sffe
etag
"b1b3f9c71858a21a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 31 Jan 2025 09:34:02 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012401091919000/v0/ Frame 7AD4 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
062e7c29b1c3e36f8684e7e298346efe23cd760daf282103361b0645d843c686
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Feb 2024 09:11:12 GMT
age
114253
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12971
x-xss-protection
0
server
sffe
etag
"0e9793e292f94cd9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 31 Jan 2025 09:11:12 GMT
css
fonts.googleapis.com/ Frame 7AD4 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 02 Feb 2024 16:55:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 02 Feb 2024 15:52:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Feb 2024 16:55:24 GMT
ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7AD4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 19:17:56 GMT
x-content-type-options
nosniff
server
cafe
age
77849
etag
9421415325968714010
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2737
x-xss-protection
0
expires
Fri, 02 Feb 2024 19:17:56 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7AD4 		344 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 06:02:34 GMT
x-content-type-options
nosniff
server
cafe
age
39171
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sat, 03 Feb 2024 06:02:34 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/6415048236114373349/ Frame 7AD4 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6415048236114373349/2076313506083323656
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88211f1be0b9c592df15da542b4cedc1acf3b32caf4922bb4e9a18e74870311e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires
Fri, 31 Jan 2025 09:17:42 GMT
date
Thu, 01 Feb 2024 09:17:42 GMT
x-content-type-options
nosniff
age
113863
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43206
x-xss-protection
0
last-modified
Fri, 08 Sep 2023 09:21:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/4924543055559037091/ Frame 7AD4 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4924543055559037091/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b24eb20b9abcd601a50eda7b7bc9853684f7895f9ae27fb2ff1721f555dd35b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires
Fri, 31 Jan 2025 09:17:57 GMT
date
Thu, 01 Feb 2024 09:17:57 GMT
x-content-type-options
nosniff
age
113848
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4885
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 13:32:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 7AD4 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7AD4 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93f9cfc256c67adb11cc3e56db2fa9073bc5b737a705c98ec861746625f4360a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
udm-r3_v2.23.3.js
bid.underdog.media/ 		490 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/udm-r3_v2.23.3.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=16003;tid=1;dt=6;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:e000:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b59c84236e1aa480f6e46307bc58e447153f649c3e78390495b1ae6ef08730b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 13:08:32 GMT
content-encoding
gzip
via
1.1 17a79dcb426270de1bedb2a8dbcb8f72.cloudfront.net (CloudFront)
last-modified
Tue, 05 Dec 2023 19:41:45 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
1482414
etag
"0550b0566d3b7839b95eb11004434e2f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
163970
x-amz-cf-id
f5G5O13lIjCxK5MU1oOWa4IYm0Mt8TEv11nAYHtB7dxwuH9xq6tYTw==
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=16003;tid=1;dt=6;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 09 Feb 2024 16:55:25 GMT
quant.js
secure.quantserve.com/ Frame 3C82 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=16003;tid=1;dt=6;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 09 Feb 2024 16:55:25 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.70549285
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.70549285
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=825646077963916831;cb=0.70549285
43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;apnid=825646077963916831;cb=0.70549285
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 16:55:26 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:25 GMT
an-x-request-uuid
1fd0f7f5-6981-4365-bb60-d232d0d2a03b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://udmserve.net/udm/fetch.pix?dt=1;apnid=825646077963916831;cb=0.70549285
x-proxy-origin
96.9.249.45; 96.9.249.45; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTI4RjhFN0ItMzYyQi00Q0RBLTkyRkEtMUU0REQ5ODRCNzMz&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?cb=0.70549285&gdpr=0&p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3DE28F8E7B-362B-4CDA-92FA-1E4DD984B733&us_privacy=%24%7BUS_PRIVA...
  • https://udmserve.net/udm/fetch.pix?pmid=E28F8E7B-362B-4CDA-92FA-1E4DD984B733
43 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?pmid=E28F8E7B-362B-4CDA-92FA-1E4DD984B733
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 16:55:25 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://udmserve.net/udm/fetch.pix?pmid=E28F8E7B-362B-4CDA-92FA-1E4DD984B733
date
Fri, 02 Feb 2024 05:03:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatchredir
ssum-sec.casalemedia.com/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.70549285%3Bindx%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.70549285%3Bindx%3D&s=199174&C=1
43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.70549285%3Bindx%3D&s=199174&C=1
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCM5uNoADwGCFkjQsRhKpWCAFATvtbLKjoXtfEpCfooFKjHuLWqhrpRBtFtc%2FIAqHri1U22Pj%2FLbqOt1giFsaJsLMgtTd8QYYcz9p5WXx4zM5gyvLzmQMrhgBMD7UE7%2Belm5O5ttn5nldQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84f3f62e288b39c9-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2XbZXit%2F6SrxZP84HTqcl8JD45f%2BdVHJSnTfYWSmug9NdgyuGxessuhYMsuRP9QekG9Dt9AUXOIfOf3EuXvOrNuwV2b%2FTOiQi3CVb199wCLu7PXbA%2Bnmyqid%2B9fg%2F3uY2T5JCGiSQhuRw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.70549285%3Bindx%3D&s=199174&C=1
cache-control
no-cache
cf-ray
84f3f62dbfb639c9-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58806/sync?redir=true&cb=0.70549285
  • https://ups.analytics.yahoo.com/ups/58806/sync?redir=true&cb=0.70549285&verify=true
  • https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-cIk61JpE2uIufrLyEHierO6tC1w5nRle~A
43 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-cIk61JpE2uIufrLyEHierO6tC1w5nRle~A
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 16:55:25 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-cIk61JpE2uIufrLyEHierO6tC1w5nRle~A
date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.70549285%3Bsonobi%3D%5BUID%5D
  • https://udmserve.net/udm/fetch.pix?dt=1;cb=0.70549285;sonobi=4c4e4dda-0033-44eb-9fdd-e32c1471013c
43 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.70549285;sonobi=4c4e4dda-0033-44eb-9fdd-e32c1471013c
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 16:55:25 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:25 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-125
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.70549285;sonobi=4c4e4dda-0033-44eb-9fdd-e32c1471013c
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=24042&cb=0.70549285
  • https://udmserve.net/udm/fetch.pix?dt=1;magid=LS4VZ6EH-1C-750Y
43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;magid=LS4VZ6EH-1C-750Y
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 16:55:25 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://udmserve.net/udm/fetch.pix?dt=1;magid=LS4VZ6EH-1C-750Y
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dbbc2dbf689859fb5870b364473d5441
Expires
0
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]%3Bcb%3D
  • https://udmserve.net/udm/fetch.pix?dt=1;sncr=5E15D2A62FC44EC58D52C87AC88A86C7;cb=
43 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;sncr=5E15D2A62FC44EC58D52C87AC88A86C7;cb=
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 16:55:25 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

date
Fri, 02 Feb 2024 16:55:25 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain; charset=utf-8
location
https://udmserve.net/udm/fetch.pix?dt=1;sncr=5E15D2A62FC44EC58D52C87AC88A86C7;cb=
access-control-allow-origin
https://www.btolat.com/
x-varnish
100120912
access-control-allow-credentials
true
content-length
0
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://cm-x.mgid.com/4c7eda2d9428691cd8f54d15244a36a7.gif?ccpa=0&gdpr=0&redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bmgid%3D%5BUID%5D
  • https://udmserve.net/udm/fetch.pix?dt=1;mgid=54b342e9-8025-4e0a-b3a2-67c771470ec9
43 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;mgid=54b342e9-8025-4e0a-b3a2-67c771470ec9
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 16:55:25 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 02 Feb 2024 16:55:25 GMT
Transfer-Encoding
chunked
Location
https://udmserve.net/udm/fetch.pix?dt=1;mgid=54b342e9-8025-4e0a-b3a2-67c771470ec9
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7AD4 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.btolat.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:15:03 GMT
x-content-type-options
nosniff
age
114022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Jan 2025 09:15:03 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7AD4 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.btolat.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:14:40 GMT
x-content-type-options
nosniff
age
114045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Jan 2025 09:14:40 GMT
ajs
fundingchoicesmessages.google.com/f/AGSKWxUiItuz3d1qgPldaGgiqejW4lydYr3Xb2EimpFU6WvO-RSKQ8nBnfHX60kif29x4Qi3j0DBCPv1O2ayqWPYO341lBeyz0gnvFzMXusfpoq8YDYNGRId0rHVtP7J4xX7_zb9cUwogkSNv5pk-2dHUGbCHRxSN... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUiItuz3d1qgPldaGgiqejW4lydYr3Xb2EimpFU6WvO-RSKQ8nBnfHX60kif29x4Qi3j0DBCPv1O2ayqWPYO341lBeyz0gnvFzMXusfpoq8YDYNGRId0rHVtP7J4xX7_zb9cUwogkSNv5pk-2dHUGbCHRxSNyy4v3Oq7wg5ADN0F-QyGm7YTdY7p0OH/_/ajs?auid=/popunders._ads9./ad_renderv4_/banners/ads-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.DVj6k2lQKUs.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMx3JBHAq4VEDkbKvq4R0K6nnH8xHw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13a156c86ed514513047e9d4ce4d486466aaaa0775e3064677f5a3c8809da2e6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SXDeW0P1mftlBbMxm2yZlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-SXDeW0P1mftlBbMxm2yZlw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNxr8LAXEYB-Dz5hVHEgunTIZLKaPZZLCQosikJCWTLEz8B-p7g80oLAaD0SgySQwG3JEsfiwon-GpR56bQrIipVRFWsX2tIF18ERbaEpn6sAhcyYDIqpOUahVdGqA6WuQDe7PCzleF_KCCnffld4wTcTNt4xgOSvY0hDshEJLcBWcI8HhseDJQvAM8rrgIvRZ4wF0kxr3oJ3DIVbSOAWPssYfqO-W3AJPYMV-cNutv9lzaHEZx336D9WzV3U"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		61 B
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.DVj6k2lQKUs.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMx3JBHAq4VEDkbKvq4R0K6nnH8xHw/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:34:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
1280
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51
x-xss-protection
0
server
cafe
etag
16023549773543154165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 02 Feb 2024 17:34:05 GMT
AGSKWxWRDIlvdpb0NfVnROn11OnBA23ow4bWMszmoQBuScXFQMECIbD4QiEv03NGPbf8i7at61XDGrDRaAXMAkQdhSSAerVZzVngl3PWmKe1p6OD3UvtXF_lhc_ewCCMFebNRB6uclNIyQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWRDIlvdpb0NfVnROn11OnBA23ow4bWMszmoQBuScXFQMECIbD4QiEv03NGPbf8i7at61XDGrDRaAXMAkQdhSSAerVZzVngl3PWmKe1p6OD3UvtXF_lhc_ewCCMFebNRB6uclNIyQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.DVj6k2lQKUs.es5.O/am=wA/d=1/rs=AJlcJMworyhFgXmYbi3tXdGV6oQwMuLjDQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WGoKSpG7sRhV3zr4nyeGlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-WGoKSpG7sRhV3zr4nyeGlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjCtDikmLw0pBiWMS_i6mW4RlTKxAXZD9nqgBixj8vmDiB-J3kK6ZvQLzDx4NlSuAM1jlA7JQ-gzUIiMtun2OtA2JhufOs0kAsxM3xd8-XtWwCLx69yAEASzok1Q"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.btolat.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7AD4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C90flfB69Zf39HMfb6toP4pmA6Af26cHTdbnc-PzAEue8udGODhABIKyvzSBgye6Oi8CkjBCgAcrIg_spyAEJqQI9mh0vtj2yPuACAKgDAcgDCqoEtAJP0Ec81klH3micaWzkXY7x8YgxXfaQgqABJ-r2baTaO29qrDA9sJTaKArbMPVipuZt_TvxeN53zpUlljLVb8-hP0SfFGKe0iyx7-e0bxiz52UgT53JGiQRmgW7OStyXQ596BjiC1wiINa64ZIiLqHw_FrmUt3M4sgj05Det0zVzblihuoYpnWjMtf0IsjdSgcbE5qBEAfwhn6kJFnlXHc41U_FVarOt0RmczGhq5FlVcEPaE_OM795riZ2nKtWWAFS7nXwO0n-HyYATDXKV2jvAAW1xoGWoCGix54ZKkS30_xAAylTzPR6fbsFPnH-z93Pv1a4Em8x8qW1p3DJohXDIRN688AeX9wgnSj7Of13xm08YLcciaqjuz6Q-PPMld1fobVcns0cK3iNLFIRa2x4Tj-Ey8AEtci3xMAE4AQBiAWzm_eKTpIFBAgEGAGSBQQIBRgEoAYugAfKgNTaBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELPKBNIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYmYq604-NhAOaCRtodHRwczovL3RlbXBvc2VhcmNoLmNvbS9kc3KACgHICwHaDBEKCxCA9tCF9dzd3OwBEgIBA-INEwjXt7rTj42EAxXHrVoFHeIMAH24E-QD2BMM0BUBgBcBshceChwIABIUcHViLTU5MDAzMjcxMjE4NTQ3MzUYlK0c&sigh=bfNo1TTQdOI&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgAvHhf_HwnpD7MGOPOOOLx4Z9GLaM9T4DK0TCppJXiE-KuHByX-qIGgVGZgCJDOAgaXYMr2MxyTsCGwqBcriBi7BSIPA0h0LG6lDhQzHRgB&template_id=484&cbvp=2
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
rules-p-effSsmMYCbAck.js
rules.quantcount.com/ Frame 3C82 		160 B
631 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:ec00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:54:13 GMT
via
1.1 2755a65ada03bcb40dcec9e77a7c9160.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
72
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 22:21:01 GMT
server
AmazonS3
etag
"435cbd9bc4b3440e866ad1f4f7d1ef02"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
AFYydQ0NR54n54xOM4X6UC5ucNgNwhyuRnxT-UxhttqW5VV4b1TopQ==
rules-p-Pz67dCqdsHfxh.js
rules.quantcount.com/ Frame 3C82 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:ec00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:28:58 GMT
via
1.1 2755a65ada03bcb40dcec9e77a7c9160.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
1588
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 23:00:33 GMT
server
AmazonS3
etag
"eee1bd1fc55b604b66cd9e63c4f811b8"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
mWQoCj-Nax0AzB8mLZPTUrTKIsXTOy6Zv4IB-0IRz3hqd4EzIehBxA==
bc_UZYxC75kqDLRiEd9GoEYOmovVVM.js
bid.underdog.media/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/bc_UZYxC75kqDLRiEd9GoEYOmovVVM.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:e000:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5abd4d592ab3d6008cd901ad585957239465c51270c75d7ab782d3ff5e243165

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:41:13 GMT
content-encoding
gzip
via
1.1 17a79dcb426270de1bedb2a8dbcb8f72.cloudfront.net (CloudFront)
last-modified
Fri, 02 Feb 2024 16:30:09 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
853
etag
"47428f61a55eb91e5f5429da907c5439"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=1800
accept-ranges
bytes
content-length
1718
x-amz-cf-id
xrvJnEm57KXZT2RJ1hiQ2n1reDucgGXucUjBFXPzDBkhUddyKKqtLg==
rrv7.js
bid.underdog.media/ 		1 KB
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/rrv7.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:e000:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3197782721b8b7d31dc092b4c7536e568703fea6445dd489808ff42cb597421

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 15:55:39 GMT
content-encoding
gzip
via
1.1 17a79dcb426270de1bedb2a8dbcb8f72.cloudfront.net (CloudFront)
last-modified
Fri, 02 Feb 2024 15:30:03 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
3587
etag
"46e2aca34b1adcbdd92c3c8dc4d263b5"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
accept-ranges
bytes
content-length
613
x-amz-cf-id
PJhitVeMl3ytqca_2MOUHFArUCrq4ZkraOrZ1pqFjEuVQIy29MWCOw==
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.8.0&cb=35001212315&lsavail=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.btolat.com
date
Fri, 02 Feb 2024 16:55:24 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
arj
underdogmedia-d.openx.net/w/1.0/ 		175 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://underdogmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.btolat.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=600&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=%2C%2C%2C&nocache=1706892925275&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&pubcid=65afe824-5e0a-415e-bf9c-5eca7da6782c&schain=1.0%2C1!udmserve.net%2C3204%2C1%2C%2C%2C&aus=300x250%7C300x250%7C336x280%7C336x280&divids=slider-300x250%2Cslider-300x250%2Cslider-336x280%2Cslider-336x280&aucs=slider-300x250%2Cslider-300x250%2Cslider-336x280%2Cslider-336x280&auid=558952860%2C558952860%2C558952861%2C558952861&aumfs=40%2C40%2C40%2C40
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
acde836d82e608c61639d2c49a6c228e3381c828a75f3592ab324228d7294911

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.btolat.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
underdogmedia-d.openx.net/v/1.0/ 		106 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://underdogmedia-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.btolat.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=600&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=&nocache=1706892925276&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&pubcid=65afe824-5e0a-415e-bf9c-5eca7da6782c&schain=1.0%2C1!udmserve.net%2C3204%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A250%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A30%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2F3gpp%22%2C%22video%2Fx-m4v%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22placement%22%3A5%2C%22playbackmethod%22%3A%5B2%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545669798&vwd=400&vht=250&vos=101&aucs=slider-400x250&aumfs=20
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:25 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.btolat.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
underdogmedia-d.openx.net/v/1.0/ 		106 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://underdogmedia-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.btolat.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=600&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=&nocache=1706892925276&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&pubcid=65afe824-5e0a-415e-bf9c-5eca7da6782c&schain=1.0%2C1!udmserve.net%2C3204%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A250%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A30%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2F3gpp%22%2C%22video%2Fx-m4v%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22placement%22%3A5%2C%22playbackmethod%22%3A%5B2%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545669798&vwd=400&vht=250&vos=101&aucs=slider-400x250&aumfs=20
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:25 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.btolat.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
underdogmedia-d.openx.net/v/1.0/ 		106 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://underdogmedia-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.btolat.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=600&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=&nocache=1706892925276&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&pubcid=65afe824-5e0a-415e-bf9c-5eca7da6782c&schain=1.0%2C1!udmserve.net%2C3204%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A250%2C%22api%22%3A%5B1%2C2%5D%2C%22maxduration%22%3A30%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2F3gpp%22%2C%22video%2Fx-m4v%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A5%2C%22placement%22%3A5%2C%22playbackmethod%22%3A%5B2%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545669798&vwd=400&vht=250&vos=101&aucs=slider-400x250&aumfs=20
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:25 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.btolat.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
ortb
bid.contextweb.com/header/ 		0
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
cwdl
22/4211,22/4211,22/4211,22/4211,22/4211,22/4211,22/4211,22/4211
access-control-allow-origin
https://www.btolat.com
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
cw-server
bid-deployment-6cc5b5775b-vzhvg
fastlane.json
fastlane.rubiconproject.com/a/api/ 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24042&site_id=403056&zone_id=2257012%3B2257012%3B2257012%3B2257008%3B2257008%3B2257008&size_id=2%3B2%3B2%3B15%3B15%3B15&p_pos=atf&rp_schain=1.0,1!udmserve.net,3204,1,,,&eid_pubcid.org=65afe824-5e0a-415e-bf9c-5eca7da6782c%5E1&rf=https%3A%2F%2Fwww.btolat.com%2F&kw=%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%D8%A7%D9%84%D9%8A%D9%88%D9%85%2C%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%2C%D8%A7%D9%84%D8%AF%D9%88%D8%B1%D9%8A%2C%D8%AA%D9%88%D9%82%D8%B9%D8%A7%D8%AA%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%D8%A7%D9%84%D9%8A%D9%88%D9%85%2C%D8%A7%D9%84%D8%AA%D9%88%D9%82%D8%B9%D8%A7%D8%AA%2C%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D9%87%D8%A7%D9%84%D9%8A%D9%88%D9%85%2C%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%D8%A7%D9%84%D9%8A%D9%88%D9%85%2C%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%2C%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%2C%D8%AF%D9%88%D8%B1%D9%8A%2C%D8%A7%D9%84%D8%AF%D9%88%D8%B1%D9%8A%2C%D8%AA%D9%88%D9%82%D9%8A%D8%AA%2C%D9%86%D8%AA%D9%8A%D8%AC%D8%A9%2C%D9%8A%D9%88%D8%A7%D8%AC%D9%87%2C%D8%B6%D8%AF%2C%D9%86%D8%AA%D9%8A%D8%AC%D8%A9%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%D8%AA%D9%88%D9%82%D8%B9%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%2C%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%D8%A7%D9%84%D9%8A%D9%88%D9%85%2C%D8%AA%D9%88%D9%82%D8%B9%D8%A7%D8%AA%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%2C%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%2C%D8%A7%D9%84%D8%AF%D9%88%D8%B1%D9%8A%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%2C%D8%A7%D9%84%D8%AF%D9%88%D8%B1%D9%8A%D8%A7%D9%84%D8%A5%D9%8A%D8%B7%D8%A7%D9%84%D9%8A%2C%D8%A7%D9%84%D8%AF%D9%88%D8%B1%D9%8A%D8%A7%D9%84%D8%A5%D9%86%D8%AC%D9%84%D9%8A%D8%B2%D9%8A%2C%D8%A7%D9%84%D8%AF%D9%88%D8%B1%D9%8A%D8%A7%D9%84%D8%A3%D8%B3%D8%A8%D8%A7%D9%86%D9%8A%2C%D9%83%D8%A3%D8%B3%D8%A3%D8%B3%D9%8A%D8%A7%2C%D8%AF%D9%88%D8%B1%D9%8A%D8%A3%D8%A8%D8%B7%D8%A7%D9%84%D8%A3%D9%88%D8%B1%D8%A8%D8%A7%2C%D9%83%D8%A7%D8%B3%D8%A7%D9%84%D8%A3%D9%85%D9%85%D8%A7%D9%84%D8%A3%D9%81%D8%B1%D9%8A%D9%82%D9%8A%D8%A9%2C%D8%A3%D8%A8%D8%B7%D8%A7%D9%84%D8%A3%D8%B3%D9%8A%D8%A7%2C%D8%A3%D8%A8%D8%B7%D8%A7%D9%84%D8%A3%D9%81%D8%B1%D9%8A%D9%82%D9%8A%D8%A7&tg_i.domain=btolat.com&tg_i.page=https%3A%2F%2Fwww.btolat.com%2F&tg_i.pbadslot=slider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-300x250%3Bslider-300x250%3Bslider-300x250&tk_flint=pbjs_lite_v8.8.0&l_pb_bid_id=41808a19b2a40eb%3B4204ed85a6d9c24%3B43240b0140d9bec%3B44d36cede714f2f%3B45ac52e4b66ae72%3B469e2e19c2205e4&p_screen_res=1600x1200&rp_floor=0.04395604395604395&rp_secure=1&rp_hard_floor=0.04&rp_maxbids=1&p_gpid=slider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-300x250%3Bslider-300x250%3Bslider-300x250&slots=6&rand=0.6240510797316137
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
12ff2058952e6a9fa814678a87619d22a5544a904ed06a01158da0f066db5389

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.btolat.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.btolat.com
date
Fri, 02 Feb 2024 16:55:24 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		116 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dmK730KmGr7ikOrkHcnlKl
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
8493c6cf1a3cccc307d4067c48cf0c09e1d6544ba654f034fe7b83f8dc2b4ad2

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.btolat.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		116 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dmK730KmGr7ikOrkHcnlKl
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
8493c6cf1a3cccc307d4067c48cf0c09e1d6544ba654f034fe7b83f8dc2b4ad2

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.btolat.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		116 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dmK730KmGr7ikOrkHcnlKl
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
8493c6cf1a3cccc307d4067c48cf0c09e1d6544ba654f034fe7b83f8dc2b4ad2

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.btolat.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		116 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dr5CFEKmGr7ikOrkHcnlKl
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
8493c6cf1a3cccc307d4067c48cf0c09e1d6544ba654f034fe7b83f8dc2b4ad2

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.btolat.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		116 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dr5CFEKmGr7ikOrkHcnlKl
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
8493c6cf1a3cccc307d4067c48cf0c09e1d6544ba654f034fe7b83f8dc2b4ad2

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.btolat.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
AGSKWxWRDIlvdpb0NfVnROn11OnBA23ow4bWMszmoQBuScXFQMECIbD4QiEv03NGPbf8i7at61XDGrDRaAXMAkQdhSSAerVZzVngl3PWmKe1p6OD3UvtXF_lhc_ewCCMFebNRB6uclNIyQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWRDIlvdpb0NfVnROn11OnBA23ow4bWMszmoQBuScXFQMECIbD4QiEv03NGPbf8i7at61XDGrDRaAXMAkQdhSSAerVZzVngl3PWmKe1p6OD3UvtXF_lhc_ewCCMFebNRB6uclNIyQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.DVj6k2lQKUs.es5.O/am=wA/d=1/rs=AJlcJMworyhFgXmYbi3tXdGV6oQwMuLjDQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OQ6BWyOSphE1xie9SuZlww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-OQ6BWyOSphE1xie9SuZlww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmJw0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQListvnWOuAWFjuPKs0EAvxcPzd82Utm8CEI1uXMAIA67Ai7Q"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.btolat.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWRDIlvdpb0NfVnROn11OnBA23ow4bWMszmoQBuScXFQMECIbD4QiEv03NGPbf8i7at61XDGrDRaAXMAkQdhSSAerVZzVngl3PWmKe1p6OD3UvtXF_lhc_ewCCMFebNRB6uclNIyQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWRDIlvdpb0NfVnROn11OnBA23ow4bWMszmoQBuScXFQMECIbD4QiEv03NGPbf8i7at61XDGrDRaAXMAkQdhSSAerVZzVngl3PWmKe1p6OD3UvtXF_lhc_ewCCMFebNRB6uclNIyQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.DVj6k2lQKUs.es5.O/am=wA/d=1/rs=AJlcJMworyhFgXmYbi3tXdGV6oQwMuLjDQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9EYHYqrLPS6J6Sf9uXQ3jA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9EYHYqrLPS6J6Sf9uXQ3jA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmLw0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQListvnWOuAWFjuPKs0EAvxcPzd82Utm8CLxpZljADt0SLZ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.btolat.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWRDIlvdpb0NfVnROn11OnBA23ow4bWMszmoQBuScXFQMECIbD4QiEv03NGPbf8i7at61XDGrDRaAXMAkQdhSSAerVZzVngl3PWmKe1p6OD3UvtXF_lhc_ewCCMFebNRB6uclNIyQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWRDIlvdpb0NfVnROn11OnBA23ow4bWMszmoQBuScXFQMECIbD4QiEv03NGPbf8i7at61XDGrDRaAXMAkQdhSSAerVZzVngl3PWmKe1p6OD3UvtXF_lhc_ewCCMFebNRB6uclNIyQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.DVj6k2lQKUs.es5.O/am=wA/d=1/rs=AJlcJMworyhFgXmYbi3tXdGV6oQwMuLjDQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5WKuMkKC7so9ZN9gUwdAMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5WKuMkKC7so9ZN9gUwdAMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmJw0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQListvnWOuAWFjuPKs0EAvxcPzd82Utm8CHeRuXMQIA7PAjJQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.btolat.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXMzf8Dt0VDWuvfUwEEkEv1B59CeVZZBUrd7BVRnrFFco9ybBBVwF-oJ9c-YV7dqhQthBJfUQ6wXrGNqNfDBIhvg0HYQbS8VQ5CjodTWZ2ynN8cnda_WdCEb59bBWqYq4cYE1GTQg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXMzf8Dt0VDWuvfUwEEkEv1B59CeVZZBUrd7BVRnrFFco9ybBBVwF-oJ9c-YV7dqhQthBJfUQ6wXrGNqNfDBIhvg0HYQbS8VQ5CjodTWZ2ynN8cnda_WdCEb59bBWqYq4cYE1GTQg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2ODkyOTI1LDMxOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuYnRvbGF0LmNvbS8iLG51bGwsW1s4LCJEVmo2azJsUUtVcyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.DVj6k2lQKUs.es5.O/am=wA/d=1/rs=AJlcJMworyhFgXmYbi3tXdGV6oQwMuLjDQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ff3ed8cffc4a8a75ccb87e3319fba86e649611961e1592ceaaac4863db2152bf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2-0ozOG-L4kneWljLm_OAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-2-0ozOG-L4kneWljLm_OAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4KshxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5l4vr5kkgBiDSB-J_mK6RsQ7_DxYHkTPp2VK2I6K1vFdFY-II6rm86aB8R866az6q6fzrrlzHTWPUAc83w6awoQL2adwboaiKcEzmCdA8Qt0UA2EDulz2ANAuLPmTNYfwNx2e1zrHVALCx3nlUaiIV4OP7u-bKWTWDG8va1jAAmblbp"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3C82 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv64tBbLrvxw4wo6YYmxg4rwekS-OHMSFjN2BZ70ej-BAEd_VijvWTH7I8L3pEJP1pj75O9_HzE5ZYJmVyNYpyBMQJrpL5GHC6oegU00zs55xsu1BtF1j60_UbPRzhTjz0IuEZPito9PgaL-7a8AKsXlY_HNIrZxpJze4h8DpZpWeiYFvNUkbCJiDp7HQctdRH6pXEDsQWRoq0HFiDQx7tun66q_cMdbBrkoDt5IKuDo3xOFiz6uvGA9DClwiE39sdRXyorQxBZPZE7Df2OwFJRkyGA3sg2inv2BpgnX37NZ_A4qw4W_F2NEAZYicAbwSU9EaGkXdtkYvfayclkk_xfQlOUKNeqw7c&sai=AMfl-YRREoZMWPNM8JXJQsl0bAggGWx3MDXVluiFhORL07IQ6y7Ibnhcy0u1x7F-mr5Bsw50_pBNpT5jPePVzKXaLEHIcAo0VB37mCs5N7XdPl8Ld43BhF5kdvshcJhpIbM&sig=Cg0ArKJSzENEBX5RRXaJEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 02 Feb 2024 16:55:25 GMT
pixel;r=85398082;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.btolat.com%2F;ref=https%3A%2F%2Fwww.btolat.com%2F;uht=2;fpan=1;fpa=P0-1920870301-1706892925173;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-2023120...
pixel.quantserve.com/ Frame 3C82 		35 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=85398082;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.btolat.com%2F;ref=https%3A%2F%2Fwww.btolat.com%2F;uht=2;fpan=1;fpa=P0-1920870301-1706892925173;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=btolat.com;dst=0;et=1706892925320;tzo=600;ogl=;ses=62911781-9cd8-49f6-a930-2705cc0bf7da;mdl=
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:25 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=235868915;labels=edge.1%2Csid.16003;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.btolat.com%2F;ref=https%3A%2F%2Fwww.btolat.com%2F;uht=2;fpan=1;fpa=P0-1920870301-1706892925173;pbc=;ns=1;ce=...
pixel.quantserve.com/ Frame 3C82 		35 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=235868915;labels=edge.1%2Csid.16003;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.btolat.com%2F;ref=https%3A%2F%2Fwww.btolat.com%2F;uht=2;fpan=1;fpa=P0-1920870301-1706892925173;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=btolat.com;dst=0;et=1706892925322;tzo=600;ogl=;ses=62911781-9cd8-49f6-a930-2705cc0bf7da;mdl=
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:25 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["edge.1"],"pcode":["p-effSsmMYCbAck"]},{"label":["sid.16003"],"pcode":["p-effSsmMYCbAck"]}],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
container.html
19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C48B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.btolat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 16:55:24 GMT
expires
Sat, 01 Feb 2025 16:55:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame C48B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CE_S7fB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoElgJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787BsgM5l7BttNLjl0qzjpcHE540-p9Biv1fmbPH7qm6HcgvPFv3UuAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA4AKAfoLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAbIXHAoaEhRwdWItNTkwMDMyNzEyMTg1NDczNRiUrRw&sigh=fR68QdUyvcI&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_39V6lmvvWhgZE48F8lPUMlfQEgQucdlyibpzbUtRBp1k_bS1u7rm4aBxRID0qsxe5MZsclRAXvLIGpDZIccs4dcJBx4uSMs4qxgB
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
notify
rtb.va.us.criteo.com/google/auction/ Frame C48B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kuHSFdWCMKwC-gHiIp0XAgAAANwECB-ksh_CSfR_qxB8Hr1lK-ZOB89xiJSPAAAAEgAACgpBUVVCQ2dFQkNn&wp=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
135673
server
Kestrel
content-length
0
afr.php
ads.us.criteo.com/delivery/r/ Frame 7EC0 		221 KB
59 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c808bf4e508bd7d8852a7ebaf2cf1e857dc4fcc883f90f3844a014ffb49bf3ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 16:55:24 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=tN_Jq53FUcIwQf9fnsfUfzv3YTH3z5MM4mkJzoCQtksMEyT4623FdTbMszDRNciAJ7qOJo5GppLJLDJdQrAEeELV7elA2QoDDmy6xGndlipum6PYcJNQtSjkbS-krXsh518LUhAh5koX5SqBSpyURzCEGvWbEZmbJaQZ5ia9kmhRYKO_eWRQ2Q2rd9zhsnZNdt00IFmZLWl6eQAAAkXrVlMLlGcjd5XYdUQeexmaBnpSPpXM8-L_fZs7c45P-EKxmRS5Gw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
132421115
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame C48B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/window_focus_fy2021.js
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 23:24:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
63061
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 23:24:24 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame C48B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 23:24:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
63061
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 23:24:24 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C48B 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:16:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
113948
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 31 Jan 2025 09:16:17 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C48B 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66348
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706704584918460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 16:55:25 GMT
AGSKWxWbaQM-Ca_iklADVrQI6gkmY87ghBV_vNk8q7XEDceEad-IUYV-21xxf5wPoV-N-45a-5FUVEvAilcnhYz08lZb4I5_XGjlFUKwemrptRz1kB5VKSXPw77JQSSuiXE056KsIrwvNw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWbaQM-Ca_iklADVrQI6gkmY87ghBV_vNk8q7XEDceEad-IUYV-21xxf5wPoV-N-45a-5FUVEvAilcnhYz08lZb4I5_XGjlFUKwemrptRz1kB5VKSXPw77JQSSuiXE056KsIrwvNw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.DVj6k2lQKUs.es5.O/am=wA/d=1/rs=AJlcJMworyhFgXmYbi3tXdGV6oQwMuLjDQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-T8Zxl8bOjgMbKRqoYHcRyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-T8Zxl8bOjgMbKRqoYHcRyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmJw0ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQListvnWOuAWFjuPKs0EAvxcPzd82Utm8CM3uazjADrZCK3"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.btolat.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame C48B 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed2a53d5bb62c4a5fd27f95b19c5a1cb435c486ca21ed8515cb8398305163598

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 7EC0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 27 Jan 2025 16:55:25 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 7EC0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 27 Jan 2025 16:55:25 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 7EC0 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 27 Jan 2025 16:55:25 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 7EC0 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 27 Jan 2025 16:55:25 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 7EC0 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=kg5YD5W9UW_MO_BYjRt90oIhqilvVuLAZDNyxvT4z_cmNnzergislOtzzEaMP2ZTw2Z_GjVKJhRRYxsdkOmEEabJ3NEZco0nJZ6WUQ0MWquNBUuIN8CsmfKM-yf7MyNLAMCP71nc9Mh4rntoWU_awMHZKlPpAZ0G549oiiCVLOuicYbWKI6-KHX64fzrPYMbxMR6LkP-bimJst-B_bx33YF0daQCehifiF6pK9C-_SPDR_eTSDn_q-31K1blmEl9bWC0iwcbUgzlUdomg5emn4YTk_JGJqYpMrxcQaGVtnJ3FCeqUNThGHND8QqizLOSaDjY8BGNk3hk2oPeHbwuG1VrrcJ8KkSwuJavi-8AMhsW3Yr4Y5E_YHr61DZwpRT0gddot31T63iOu077GNFiQUYIVMjIdSocyj_2IQGF3TzZQmn9
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2859381
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 7EC0 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 27 Jan 2025 16:55:25 GMT
img
imageproxy.us.criteo.net/img/ Frame 7EC0 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?h=76&m=0&partner=100785&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F100785%2F230221%2F149d51260c774f4ab6ea9aaaeef8a0dd_logo_n_horizontal.png&v=3&w=596&rid=4&s=ZF5UkiqHwv2_Z6LKiTamofdT
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8b1d19cea7be46f8a2330c4e33f66b525f2f864c3f3d9e326ba0abfcc1bdcab1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
11138
expires
Fri, 03 Jan 2025 01:26:47 GMT
img
imageproxy.us.criteo.net/img/ Frame 7EC0 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?h=1200&m=0&partner=100785&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F100785%2F230221%2Fcae19fa598024fb295715fc0d1a00ab2_777.jpg&v=3&w=1200&rid=4&s=J6J3RXYlte8fUMmAs5qC_ndS
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
809e42776eaf995aa904055e1262fab049761974508b1aae40a1bf38d1de12f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
34488
expires
Fri, 17 Jan 2025 12:39:23 GMT
img
imageproxy.us.criteo.net/img/ Frame 7EC0 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Ffiles%2FFA-01-A0001AA_962d361a-e70a-4b5c-92c3-4a064d483ec7.jpg%3Fv%3D1694967992&v=3&w=400&rid=4&s=IM0wuG9ha47Fiqfm4aSR3da_&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2fe101c0179046604a21b2762c7e7e44d98646267727910c9fb30383eab3302e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
21568
expires
Fri, 17 Jan 2025 20:58:26 GMT
img
imageproxy.us.criteo.net/img/ Frame 7EC0 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Fproducts%2FFA_27RH-Gold-AA.jpg%3Fv%3D1680784860&v=3&w=400&rid=4&s=EPILbcxw8izGOS0xZQlqVISi&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f9b132529090980e330ae6f6b25043a84b9267589910a7dbf35517ae49ef58b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
24700
expires
Thu, 02 Jan 2025 18:08:30 GMT
img
imageproxy.us.criteo.net/img/ Frame 7EC0 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Fproducts%2FCH_03RH-Gold-AA.jpg%3Fv%3D1680785059&v=3&w=400&rid=4&s=ma_O5EeqKHNhGbUrSW1FAcFZ&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
0f9f01e8064d566684054758dfdc481639db181059c52549866e99e37ffe1ed0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
10924
expires
Sat, 11 Jan 2025 01:05:03 GMT
img
imageproxy.us.criteo.net/img/ Frame 7EC0 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Ffiles%2FFA-01-A000001BA_5d8b6af8-85af-40ae-8057-c0779ec410ee.jpg%3Fv%3D1702455025&v=3&w=400&rid=4&s=t7rnM4g5eTUCazHMQmIdE2Gg&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b3878d13a99341ea76a01f302cafdeebc46c68a7f7aa19147082cbfb982bff9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
19578
expires
Sat, 18 Jan 2025 12:08:44 GMT
img
imageproxy.us.criteo.net/img/ Frame 7EC0 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Ffiles%2FRB-04-A000001BA_a8916b28-3f75-4da5-bd9a-49dd0b0a6b38.jpg%3Fv%3D1702461693&v=3&w=400&rid=4&s=hmeBgFy7uuKn-KOg81DHjsVY&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
54c1a25253037b8fc09581dfda4ad014dc58be1eedba99d189e2b9b270270707
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
3460
expires
Mon, 30 Dec 2024 11:20:12 GMT
img
imageproxy.us.criteo.net/img/ Frame 7EC0 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Fproducts%2Fwb-ebook-cover-main.jpg%3Fv%3D1655467876&v=3&w=400&rid=4&s=Zr9WiV2MINlfZiNFpeAhI0zd&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
beb00a215efa07f175d2da5d59bea3578ae9c67b1699cea139ee9f4b44e53a6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
8462
expires
Thu, 16 Jan 2025 13:10:30 GMT
img
imageproxy.us.criteo.net/img/ Frame 7EC0 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Fproducts%2FPINK-4C.jpg%3Fv%3D1652342189&v=3&w=400&rid=4&s=Krhzw8VGeeKkXJQeKLUYmalk&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
45ab87506d84558242990d81fcad9dd508df6719f60851edb6765ec8438a3f13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
8454
expires
Sat, 18 Jan 2025 11:21:45 GMT
img
imageproxy.us.criteo.net/img/ Frame 7EC0 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Ffiles%2FRB_02RH-Gunmetal-AA.jpg%3Fv%3D1697575616&v=3&w=400&rid=4&s=lUos4uTideiRR1PToAZGKovz&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d96e44e1a76d557cdc349d7fca20de807afa97afebac848a0cce8bae4360ff29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
13446
expires
Mon, 30 Dec 2024 11:55:40 GMT
img
imageproxy.us.criteo.net/img/ Frame 7EC0 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Fproducts%2FES_05RH-Gold-AA.jpg%3Fv%3D1680784719&v=3&w=400&rid=4&s=cJ5u6nGoE_sZeXj4T1IVwIQD&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
00fcd208be9dd06d82b38bfaa8244c5f0cf1e54b8c6c3223b40f75ac4f05d0d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
17808
expires
Sun, 22 Dec 2024 11:14:56 GMT
img
imageproxy.us.criteo.net/img/ Frame 7EC0 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Fproducts%2FTR-04-I5BA.jpg%3Fv%3D1632004060&v=3&w=400&rid=4&s=QHi5nieJSpDZWYV7noBODA_j&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d7a62b14778a5e0ccf6040168302eb509cdf9d1a0e8f7f025f7f542efcbd2d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
16042
expires
Fri, 17 Jan 2025 22:40:46 GMT
img
imageproxy.us.criteo.net/img/ Frame 7EC0 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Ffiles%2FXM-04-O2BA.jpg%3Fv%3D1699370057&v=3&w=400&rid=4&s=YvQ_kg5JuUKSgnyHPPwwzhr9&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
290ee15eacb8b58fc7928de2588910d1a5ed2f868b5a178bb0fbf22b2d17271a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
17848
expires
Fri, 10 Jan 2025 13:51:50 GMT
img
imageproxy.us.criteo.net/img/ Frame 7EC0 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Fproducts%2FCH_07RH-Gunmetal-AA_fd5b36f2-f13e-47de-afab-402582530095.jpg%3Fv%3D1680785078&v=3&w=400&rid=4&s=hB4eo0z4v7XHCPQGaWFukdAV&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ff26965bae8d1fb7af3d8bbeb3274909f376b1c497972e4499b05542c767b129
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
13088
expires
Mon, 13 Jan 2025 17:18:44 GMT
all
csm.us.criteo.net/ Frame 7EC0 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=tN_Jq53FUcIwQf9fnsfUfzv3YTH3z5MM4mkJzoCQtksMEyT4623FdTbMszDRNciAJ7qOJo5GppLJLDJdQrAEeELV7elA2QoDDmy6xGndlipum6PYcJNQtSjkbS-krXsh518LUhAh5koX5SqBSpyURzCEGvWbEZmbJaQZ5ia9kmhRYKO_eWRQ2Q2rd9zhsnZNdt00IFmZLWl6eQAAAkXrVlMLlGcjd5XYdUQeexmaBnpSPpXM8-L_fZs7c45P-EKxmRS5Gw&sds=2&rev=90469&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 02 Feb 2024 16:55:24 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7EC0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 27 Jan 2025 16:55:25 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 7EC0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 27 Jan 2025 16:55:25 GMT
container.html
19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B327 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.btolat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 16:55:24 GMT
expires
Sat, 01 Feb 2025 16:55:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame A591 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUcOiyn18qB8iAFC_qJjbE20mlMCmoGNLTtP724ukX__90hvvxP5L5OKfFuBrLQUQ3uOcNY0hUlm2NBViP8ukHNAxbV1_AShixAcQ6sV6QsrcfHpTYjgAlo7LZUW7S9M_rhW7uGzFc99IKFkj_klifNynZ33TydD-NwVwWYPIj1D5NBzEprAyh4VVIkZd5sCrZ7f6jDrZEtD4GMkPcCP8LEYd_j-h96m8KMNsa4vp2R5qFSU34cqXb6d60tnpYQwflct7gMdDGPs_qEoz8HsLCk0__sFb5imPpqp-Kliv53Xz8nimcPGyJBsFIP4SS-fRiBX1lgIwz881JiqFU8oYuzQ&sai=AMfl-YS2Cgcpc6YZ_ZjkwCYb4rbdDJstEl7uLioEQ79IsodpLRJoIdxeO8g_nGpGN58l2DUE-AEzhkpFMIuVbmXDfLOqYalHoXjmTVsgyNu0Rg4ta666TVww6TR_csnMSnjbx1yT_ciqB0n88T5PJJcr_V8&sig=Cg0ArKJSzEgByeeEqJUJEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame A591 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:16:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
2335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Feb 2024 16:16:30 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A591 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66348
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706704584918460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 16:55:25 GMT
12502786935259066022
tpc.googlesyndication.com/simgad/ Frame A591 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12502786935259066022
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7725cc66bee1451a28d6dd9b81791ce531ee8bd369b3f0584b7d66e7aaed1040
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires
Fri, 31 Jan 2025 13:56:39 GMT
date
Thu, 01 Feb 2024 13:56:39 GMT
x-content-type-options
nosniff
age
97126
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60140
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 12:43:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame A591 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51c5675052d719ff74135a4f82c1198fff02f275949e31a660266c43063d5bca

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
afr.php
ads.us.criteo.com/delivery/r/ Frame 992F 		42 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAEfCoFWp7UAA5zomv4VspRXoN9UuPLTA&u=%7Cd8YE7lp2MNlmiFxvzOJUU3aC5m6R7edn08xbzANmhGA%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF00S5jcBMhVSK8OHs4Fq7mkJjQLH4ZhbkiN2nxJBuDYO8E-GgELuRcUzkZJOTuXQRt-JGCvooAmiP1kvOvhi3CHM4TxSXSLUBzySaDdUDvgi-4ZaUA3FeSc5WIH3cf3pX-U8a6K8CEK60o62DAsMiHwYQ5avO9askK0L-7a1-fo89ms1n2w-yRVwYhikhm9Xfm95C2rjM6NnrECF9xQJLmc4LYM-b479HY-m52Bm8BLEb4rO3N1BgS77ixR8jl5Gyup70583YHEvhT6QW2CpU_K5PZyiJBVtrWpg-f2i-kUJC8xkkGZDYQQysJxgj4b7aeicLnVkMA8lyasGP8czNdImPcX1HDGqUe6i0bCV05bhLBJT7EwtggrKcYIcSicavysHmKhhfCGvUY-KkgBFAgND3BNE5AswWEmSrzQK1KZDT5WuBPBCj20nukNu7EDYyIGtTVAS_RZxoMm1OjOFnWD6aUue0JFrq3eQDTl907859jOYvXRkd8F1Uy7h7FC45a2g9C_Ak2qk0ULv4x-B1BBJufzLbh2UluASuUKFjzogU1F4lr3Xu_w0rC697JV-zIvMhh35w1CKfI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC10gGfR69Zar4EdS96toPoue58A6cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmwJP0NUkj2qfBYV9Z9uvWfTVwULdsn3yXd_GF8vPSwzd50z7xuPomMYMBW06sHcjg3DlxBmJYBEX5D1SluPRSx1BDTs345G2j1WUZRi9-0KpPWskpgJ-IaBIlAghPsV0gnLlzmD2OOqkc1WOqmySvzCS59GMqeqmRHXebaq3Vq58wRil3dAsJM816AROLoLMqeFLgc5ic7bHhZeLsr3c5N7cxSLrkAHtv2DzE9-31XpAQJjkebIxrw57ND_Tfaq0B6NRKDWiLnvDFi-4FkmTiXZ1-678hWrkJ_gSKVSH3lLNy12EU4l1Ju-rCO9liHhqYJWKPOEhx70861DvyjRpe1FzZjQDi9tu7zNfD6tZJOG43G97ahgRqLN0F9Ew4AQBgAaPndjq5OuHoDagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY-4-604-NhAP6CwIIAYAMAeINEwjCz7rTj42EAxXUnloFHaJzDu7QFQGAFwE%26num%3D1%26sig%3DAOD64_2HAL6FoRCyUMfsfsRDwyib8WfECQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
0cdd47bfd41a0594e0c5fd574e5f5900a47c84b9aede689bb796efc0dda0baa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 16:55:25 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=gyJnlJ3FUcIwQf9fgmuKdOVZZRfg5GS9kqF3GNkX8kXBXP9sHNYxn4RUdJiuezzoBZEEHa3S1ItgD2FDyYywrxPDO_lJDkyZ28b-hQ9yKTHz4zjjj0Je0hwS6oLiMigLL_sFe-UBM8s8Mgb531Wl_JhYagiva6YN7k0uHCm2Kx5X4YEuamBmH_FwOEbUjVO7hCVhLm5W3K7gEq0rdVsbSCah78IZKBwy0HqFvtaqZ9el3jlFMc3QKCi8ULNxzyfOWbsFcAC33RaeghIW"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
3972644
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame B327 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:16:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
2335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Feb 2024 16:16:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame B327 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:16:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
2335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Feb 2024 16:16:30 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B327 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:16:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
113948
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 31 Jan 2025 09:16:17 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B327 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66348
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706704584918460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 16:55:25 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A591 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCa1QIOb-_r9GcOsaiC-b83LDUPONH7AosB9VoXfORExQqu3RLbTS8Cbj-n70MCKJbV0TYqRNe6rpaJ0g8Y0O1PDTP_M-uzCCRB8yGqh8cPeKohYfck2PUIABVHa3CMSlngsmZ0BZGNVIE373CggTSr4bWNWWmF_G8S2-gsjIU7nsnhACjepboQZ--GsvhNDOgTuH_XdY8jooaPcWIRxPkjD2v0YnriJW3UQhvLAIVcIG5rEh-vtqM30DFRtAueGI6Mq7IUpMbgpqV641SbysvL8zf4LxHQSWlfAAmNZNJcT4PL58yUalN2KzHGv6Rll1JNPT0wfFKGjd2AI1IL5E12mND&sai=AMfl-YQN-3bY5tB4sDb9wiuTPNrq6U1w4FWOZLtkAC8qYBF_kEU_8E7_vAtFTqJxEWF1tEVt1Z3ZAi-mPBF5iO6HAMDopEfmu5U51vBCzf92w6K4psMNoDk4WafZmUZd4DwvJcNHiNifN6iavjtyNs5Zn3Q&sig=Cg0ArKJSzDt-Oz1cvXqBEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 02 Feb 2024 16:55:25 GMT
truncated
/ Frame B327 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7ddb1508ad90820e59e2e7a0c696c1fb89ec9d1f37cd29306116435c1140a0e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 992F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAEfCoFWp7UAA5zomv4VspRXoN9UuPLTA&u=%7Cd8YE7lp2MNlmiFxvzOJUU3aC5m6R7edn08xbzANmhGA%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF00S5jcBMhVSK8OHs4Fq7mkJjQLH4ZhbkiN2nxJBuDYO8E-GgELuRcUzkZJOTuXQRt-JGCvooAmiP1kvOvhi3CHM4TxSXSLUBzySaDdUDvgi-4ZaUA3FeSc5WIH3cf3pX-U8a6K8CEK60o62DAsMiHwYQ5avO9askK0L-7a1-fo89ms1n2w-yRVwYhikhm9Xfm95C2rjM6NnrECF9xQJLmc4LYM-b479HY-m52Bm8BLEb4rO3N1BgS77ixR8jl5Gyup70583YHEvhT6QW2CpU_K5PZyiJBVtrWpg-f2i-kUJC8xkkGZDYQQysJxgj4b7aeicLnVkMA8lyasGP8czNdImPcX1HDGqUe6i0bCV05bhLBJT7EwtggrKcYIcSicavysHmKhhfCGvUY-KkgBFAgND3BNE5AswWEmSrzQK1KZDT5WuBPBCj20nukNu7EDYyIGtTVAS_RZxoMm1OjOFnWD6aUue0JFrq3eQDTl907859jOYvXRkd8F1Uy7h7FC45a2g9C_Ak2qk0ULv4x-B1BBJufzLbh2UluASuUKFjzogU1F4lr3Xu_w0rC697JV-zIvMhh35w1CKfI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC10gGfR69Zar4EdS96toPoue58A6cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmwJP0NUkj2qfBYV9Z9uvWfTVwULdsn3yXd_GF8vPSwzd50z7xuPomMYMBW06sHcjg3DlxBmJYBEX5D1SluPRSx1BDTs345G2j1WUZRi9-0KpPWskpgJ-IaBIlAghPsV0gnLlzmD2OOqkc1WOqmySvzCS59GMqeqmRHXebaq3Vq58wRil3dAsJM816AROLoLMqeFLgc5ic7bHhZeLsr3c5N7cxSLrkAHtv2DzE9-31XpAQJjkebIxrw57ND_Tfaq0B6NRKDWiLnvDFi-4FkmTiXZ1-678hWrkJ_gSKVSH3lLNy12EU4l1Ju-rCO9liHhqYJWKPOEhx70861DvyjRpe1FzZjQDi9tu7zNfD6tZJOG43G97ahgRqLN0F9Ew4AQBgAaPndjq5OuHoDagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY-4-604-NhAP6CwIIAYAMAeINEwjCz7rTj42EAxXUnloFHaJzDu7QFQGAFwE%26num%3D1%26sig%3DAOD64_2HAL6FoRCyUMfsfsRDwyib8WfECQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 27 Jan 2025 16:55:25 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 992F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAEfCoFWp7UAA5zomv4VspRXoN9UuPLTA&u=%7Cd8YE7lp2MNlmiFxvzOJUU3aC5m6R7edn08xbzANmhGA%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF00S5jcBMhVSK8OHs4Fq7mkJjQLH4ZhbkiN2nxJBuDYO8E-GgELuRcUzkZJOTuXQRt-JGCvooAmiP1kvOvhi3CHM4TxSXSLUBzySaDdUDvgi-4ZaUA3FeSc5WIH3cf3pX-U8a6K8CEK60o62DAsMiHwYQ5avO9askK0L-7a1-fo89ms1n2w-yRVwYhikhm9Xfm95C2rjM6NnrECF9xQJLmc4LYM-b479HY-m52Bm8BLEb4rO3N1BgS77ixR8jl5Gyup70583YHEvhT6QW2CpU_K5PZyiJBVtrWpg-f2i-kUJC8xkkGZDYQQysJxgj4b7aeicLnVkMA8lyasGP8czNdImPcX1HDGqUe6i0bCV05bhLBJT7EwtggrKcYIcSicavysHmKhhfCGvUY-KkgBFAgND3BNE5AswWEmSrzQK1KZDT5WuBPBCj20nukNu7EDYyIGtTVAS_RZxoMm1OjOFnWD6aUue0JFrq3eQDTl907859jOYvXRkd8F1Uy7h7FC45a2g9C_Ak2qk0ULv4x-B1BBJufzLbh2UluASuUKFjzogU1F4lr3Xu_w0rC697JV-zIvMhh35w1CKfI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC10gGfR69Zar4EdS96toPoue58A6cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmwJP0NUkj2qfBYV9Z9uvWfTVwULdsn3yXd_GF8vPSwzd50z7xuPomMYMBW06sHcjg3DlxBmJYBEX5D1SluPRSx1BDTs345G2j1WUZRi9-0KpPWskpgJ-IaBIlAghPsV0gnLlzmD2OOqkc1WOqmySvzCS59GMqeqmRHXebaq3Vq58wRil3dAsJM816AROLoLMqeFLgc5ic7bHhZeLsr3c5N7cxSLrkAHtv2DzE9-31XpAQJjkebIxrw57ND_Tfaq0B6NRKDWiLnvDFi-4FkmTiXZ1-678hWrkJ_gSKVSH3lLNy12EU4l1Ju-rCO9liHhqYJWKPOEhx70861DvyjRpe1FzZjQDi9tu7zNfD6tZJOG43G97ahgRqLN0F9Ew4AQBgAaPndjq5OuHoDagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY-4-604-NhAP6CwIIAYAMAeINEwjCz7rTj42EAxXUnloFHaJzDu7QFQGAFwE%26num%3D1%26sig%3DAOD64_2HAL6FoRCyUMfsfsRDwyib8WfECQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 27 Jan 2025 16:55:25 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 992F 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAEfCoFWp7UAA5zomv4VspRXoN9UuPLTA&u=%7Cd8YE7lp2MNlmiFxvzOJUU3aC5m6R7edn08xbzANmhGA%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF00S5jcBMhVSK8OHs4Fq7mkJjQLH4ZhbkiN2nxJBuDYO8E-GgELuRcUzkZJOTuXQRt-JGCvooAmiP1kvOvhi3CHM4TxSXSLUBzySaDdUDvgi-4ZaUA3FeSc5WIH3cf3pX-U8a6K8CEK60o62DAsMiHwYQ5avO9askK0L-7a1-fo89ms1n2w-yRVwYhikhm9Xfm95C2rjM6NnrECF9xQJLmc4LYM-b479HY-m52Bm8BLEb4rO3N1BgS77ixR8jl5Gyup70583YHEvhT6QW2CpU_K5PZyiJBVtrWpg-f2i-kUJC8xkkGZDYQQysJxgj4b7aeicLnVkMA8lyasGP8czNdImPcX1HDGqUe6i0bCV05bhLBJT7EwtggrKcYIcSicavysHmKhhfCGvUY-KkgBFAgND3BNE5AswWEmSrzQK1KZDT5WuBPBCj20nukNu7EDYyIGtTVAS_RZxoMm1OjOFnWD6aUue0JFrq3eQDTl907859jOYvXRkd8F1Uy7h7FC45a2g9C_Ak2qk0ULv4x-B1BBJufzLbh2UluASuUKFjzogU1F4lr3Xu_w0rC697JV-zIvMhh35w1CKfI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC10gGfR69Zar4EdS96toPoue58A6cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmwJP0NUkj2qfBYV9Z9uvWfTVwULdsn3yXd_GF8vPSwzd50z7xuPomMYMBW06sHcjg3DlxBmJYBEX5D1SluPRSx1BDTs345G2j1WUZRi9-0KpPWskpgJ-IaBIlAghPsV0gnLlzmD2OOqkc1WOqmySvzCS59GMqeqmRHXebaq3Vq58wRil3dAsJM816AROLoLMqeFLgc5ic7bHhZeLsr3c5N7cxSLrkAHtv2DzE9-31XpAQJjkebIxrw57ND_Tfaq0B6NRKDWiLnvDFi-4FkmTiXZ1-678hWrkJ_gSKVSH3lLNy12EU4l1Ju-rCO9liHhqYJWKPOEhx70861DvyjRpe1FzZjQDi9tu7zNfD6tZJOG43G97ahgRqLN0F9Ew4AQBgAaPndjq5OuHoDagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY-4-604-NhAP6CwIIAYAMAeINEwjCz7rTj42EAxXUnloFHaJzDu7QFQGAFwE%26num%3D1%26sig%3DAOD64_2HAL6FoRCyUMfsfsRDwyib8WfECQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 27 Jan 2025 16:55:25 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 992F 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAEfCoFWp7UAA5zomv4VspRXoN9UuPLTA&u=%7Cd8YE7lp2MNlmiFxvzOJUU3aC5m6R7edn08xbzANmhGA%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF00S5jcBMhVSK8OHs4Fq7mkJjQLH4ZhbkiN2nxJBuDYO8E-GgELuRcUzkZJOTuXQRt-JGCvooAmiP1kvOvhi3CHM4TxSXSLUBzySaDdUDvgi-4ZaUA3FeSc5WIH3cf3pX-U8a6K8CEK60o62DAsMiHwYQ5avO9askK0L-7a1-fo89ms1n2w-yRVwYhikhm9Xfm95C2rjM6NnrECF9xQJLmc4LYM-b479HY-m52Bm8BLEb4rO3N1BgS77ixR8jl5Gyup70583YHEvhT6QW2CpU_K5PZyiJBVtrWpg-f2i-kUJC8xkkGZDYQQysJxgj4b7aeicLnVkMA8lyasGP8czNdImPcX1HDGqUe6i0bCV05bhLBJT7EwtggrKcYIcSicavysHmKhhfCGvUY-KkgBFAgND3BNE5AswWEmSrzQK1KZDT5WuBPBCj20nukNu7EDYyIGtTVAS_RZxoMm1OjOFnWD6aUue0JFrq3eQDTl907859jOYvXRkd8F1Uy7h7FC45a2g9C_Ak2qk0ULv4x-B1BBJufzLbh2UluASuUKFjzogU1F4lr3Xu_w0rC697JV-zIvMhh35w1CKfI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC10gGfR69Zar4EdS96toPoue58A6cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmwJP0NUkj2qfBYV9Z9uvWfTVwULdsn3yXd_GF8vPSwzd50z7xuPomMYMBW06sHcjg3DlxBmJYBEX5D1SluPRSx1BDTs345G2j1WUZRi9-0KpPWskpgJ-IaBIlAghPsV0gnLlzmD2OOqkc1WOqmySvzCS59GMqeqmRHXebaq3Vq58wRil3dAsJM816AROLoLMqeFLgc5ic7bHhZeLsr3c5N7cxSLrkAHtv2DzE9-31XpAQJjkebIxrw57ND_Tfaq0B6NRKDWiLnvDFi-4FkmTiXZ1-678hWrkJ_gSKVSH3lLNy12EU4l1Ju-rCO9liHhqYJWKPOEhx70861DvyjRpe1FzZjQDi9tu7zNfD6tZJOG43G97ahgRqLN0F9Ew4AQBgAaPndjq5OuHoDagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY-4-604-NhAP6CwIIAYAMAeINEwjCz7rTj42EAxXUnloFHaJzDu7QFQGAFwE%26num%3D1%26sig%3DAOD64_2HAL6FoRCyUMfsfsRDwyib8WfECQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 27 Jan 2025 16:55:25 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 992F 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=w01ODXbORlfUOSaAwA7x0vG-AwPFpD06lwSL4xwQJZLlJUbfl5ROm2d87PlsLB9DNO2dsFQohs9tnUmc3jLCtiRGWbifbubk8h40XC4Qi-HvBKIS3YubqJD9JLXzOhJ9C6Uf_88R1i1TchDXj7IIFb77xpXU-PYqDA8iyUH5mqFF2ole559hWxCXUXfBx0gf5P6qtC85FFw4E7CyXC2h0nB7dStJm8E7Bv-0XcbA-Fux9EKO6JeMr3NzxsoUQCeBmlvAh4IAnOuN5pTr9EUnJjFW8Mhs-ZgOhmBbbwf_Z_qHy-K77ezuP8jcu2J6zBc75CBlC6dIdcvCWt_OTfvm84_9BJZBRxqlaid2x_U_Zrxp2SGCDZFFOseY7ftlD6ja_nrDzpMhDIJ0YlSKDXCwASGsm1dKNVthhgUKTLdiUJJ8b3z-
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAEfCoFWp7UAA5zomv4VspRXoN9UuPLTA&u=%7Cd8YE7lp2MNlmiFxvzOJUU3aC5m6R7edn08xbzANmhGA%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF00S5jcBMhVSK8OHs4Fq7mkJjQLH4ZhbkiN2nxJBuDYO8E-GgELuRcUzkZJOTuXQRt-JGCvooAmiP1kvOvhi3CHM4TxSXSLUBzySaDdUDvgi-4ZaUA3FeSc5WIH3cf3pX-U8a6K8CEK60o62DAsMiHwYQ5avO9askK0L-7a1-fo89ms1n2w-yRVwYhikhm9Xfm95C2rjM6NnrECF9xQJLmc4LYM-b479HY-m52Bm8BLEb4rO3N1BgS77ixR8jl5Gyup70583YHEvhT6QW2CpU_K5PZyiJBVtrWpg-f2i-kUJC8xkkGZDYQQysJxgj4b7aeicLnVkMA8lyasGP8czNdImPcX1HDGqUe6i0bCV05bhLBJT7EwtggrKcYIcSicavysHmKhhfCGvUY-KkgBFAgND3BNE5AswWEmSrzQK1KZDT5WuBPBCj20nukNu7EDYyIGtTVAS_RZxoMm1OjOFnWD6aUue0JFrq3eQDTl907859jOYvXRkd8F1Uy7h7FC45a2g9C_Ak2qk0ULv4x-B1BBJufzLbh2UluASuUKFjzogU1F4lr3Xu_w0rC697JV-zIvMhh35w1CKfI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC10gGfR69Zar4EdS96toPoue58A6cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmwJP0NUkj2qfBYV9Z9uvWfTVwULdsn3yXd_GF8vPSwzd50z7xuPomMYMBW06sHcjg3DlxBmJYBEX5D1SluPRSx1BDTs345G2j1WUZRi9-0KpPWskpgJ-IaBIlAghPsV0gnLlzmD2OOqkc1WOqmySvzCS59GMqeqmRHXebaq3Vq58wRil3dAsJM816AROLoLMqeFLgc5ic7bHhZeLsr3c5N7cxSLrkAHtv2DzE9-31XpAQJjkebIxrw57ND_Tfaq0B6NRKDWiLnvDFi-4FkmTiXZ1-678hWrkJ_gSKVSH3lLNy12EU4l1Ju-rCO9liHhqYJWKPOEhx70861DvyjRpe1FzZjQDi9tu7zNfD6tZJOG43G97ahgRqLN0F9Ew4AQBgAaPndjq5OuHoDagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY-4-604-NhAP6CwIIAYAMAeINEwjCz7rTj42EAxXUnloFHaJzDu7QFQGAFwE%26num%3D1%26sig%3DAOD64_2HAL6FoRCyUMfsfsRDwyib8WfECQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1723477
expires
Mon, 26 Jul 1997 05:00:00 GMT
index.html
static.criteo.net/html5/molekuleus/111152023/bof15-21-decision-retargeting/728x90/ Frame 7BC0 		248 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/molekuleus/111152023/bof15-21-decision-retargeting/728x90/index.html
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAEfCoFWp7UAA5zomv4VspRXoN9UuPLTA&u=%7Cd8YE7lp2MNlmiFxvzOJUU3aC5m6R7edn08xbzANmhGA%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF00S5jcBMhVSK8OHs4Fq7mkJjQLH4ZhbkiN2nxJBuDYO8E-GgELuRcUzkZJOTuXQRt-JGCvooAmiP1kvOvhi3CHM4TxSXSLUBzySaDdUDvgi-4ZaUA3FeSc5WIH3cf3pX-U8a6K8CEK60o62DAsMiHwYQ5avO9askK0L-7a1-fo89ms1n2w-yRVwYhikhm9Xfm95C2rjM6NnrECF9xQJLmc4LYM-b479HY-m52Bm8BLEb4rO3N1BgS77ixR8jl5Gyup70583YHEvhT6QW2CpU_K5PZyiJBVtrWpg-f2i-kUJC8xkkGZDYQQysJxgj4b7aeicLnVkMA8lyasGP8czNdImPcX1HDGqUe6i0bCV05bhLBJT7EwtggrKcYIcSicavysHmKhhfCGvUY-KkgBFAgND3BNE5AswWEmSrzQK1KZDT5WuBPBCj20nukNu7EDYyIGtTVAS_RZxoMm1OjOFnWD6aUue0JFrq3eQDTl907859jOYvXRkd8F1Uy7h7FC45a2g9C_Ak2qk0ULv4x-B1BBJufzLbh2UluASuUKFjzogU1F4lr3Xu_w0rC697JV-zIvMhh35w1CKfI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC10gGfR69Zar4EdS96toPoue58A6cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmwJP0NUkj2qfBYV9Z9uvWfTVwULdsn3yXd_GF8vPSwzd50z7xuPomMYMBW06sHcjg3DlxBmJYBEX5D1SluPRSx1BDTs345G2j1WUZRi9-0KpPWskpgJ-IaBIlAghPsV0gnLlzmD2OOqkc1WOqmySvzCS59GMqeqmRHXebaq3Vq58wRil3dAsJM816AROLoLMqeFLgc5ic7bHhZeLsr3c5N7cxSLrkAHtv2DzE9-31XpAQJjkebIxrw57ND_Tfaq0B6NRKDWiLnvDFi-4FkmTiXZ1-678hWrkJ_gSKVSH3lLNy12EU4l1Ju-rCO9liHhqYJWKPOEhx70861DvyjRpe1FzZjQDi9tu7zNfD6tZJOG43G97ahgRqLN0F9Ew4AQBgAaPndjq5OuHoDagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY-4-604-NhAP6CwIIAYAMAeINEwjCz7rTj42EAxXUnloFHaJzDu7QFQGAFwE%26num%3D1%26sig%3DAOD64_2HAL6FoRCyUMfsfsRDwyib8WfECQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
0dec7133c29e2c418f3db9eef76c0c6572c72c4a4501501e491830e00a3baa70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=31104000 public
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 16:55:25 GMT
etag
W/"6554d162-3dffc"
expires
Mon, 27 Jan 2025 16:55:25 GMT
last-modified
Wed, 15 Nov 2023 14:10:42 GMT
server
nginx
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
all
csm.us.criteo.net/ Frame 992F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=gyJnlJ3FUcIwQf9fgmuKdOVZZRfg5GS9kqF3GNkX8kXBXP9sHNYxn4RUdJiuezzoBZEEHa3S1ItgD2FDyYywrxPDO_lJDkyZ28b-hQ9yKTHz4zjjj0Je0hwS6oLiMigLL_sFe-UBM8s8Mgb531Wl_JhYagiva6YN7k0uHCm2Kx5X4YEuamBmH_FwOEbUjVO7hCVhLm5W3K7gEq0rdVsbSCah78IZKBwy0HqFvtaqZ9el3jlFMc3QKCi8ULNxzyfOWbsFcAC33RaeghIW&sds=2&rev=90469&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAEfCoFWp7UAA5zomv4VspRXoN9UuPLTA&u=%7Cd8YE7lp2MNlmiFxvzOJUU3aC5m6R7edn08xbzANmhGA%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF00S5jcBMhVSK8OHs4Fq7mkJjQLH4ZhbkiN2nxJBuDYO8E-GgELuRcUzkZJOTuXQRt-JGCvooAmiP1kvOvhi3CHM4TxSXSLUBzySaDdUDvgi-4ZaUA3FeSc5WIH3cf3pX-U8a6K8CEK60o62DAsMiHwYQ5avO9askK0L-7a1-fo89ms1n2w-yRVwYhikhm9Xfm95C2rjM6NnrECF9xQJLmc4LYM-b479HY-m52Bm8BLEb4rO3N1BgS77ixR8jl5Gyup70583YHEvhT6QW2CpU_K5PZyiJBVtrWpg-f2i-kUJC8xkkGZDYQQysJxgj4b7aeicLnVkMA8lyasGP8czNdImPcX1HDGqUe6i0bCV05bhLBJT7EwtggrKcYIcSicavysHmKhhfCGvUY-KkgBFAgND3BNE5AswWEmSrzQK1KZDT5WuBPBCj20nukNu7EDYyIGtTVAS_RZxoMm1OjOFnWD6aUue0JFrq3eQDTl907859jOYvXRkd8F1Uy7h7FC45a2g9C_Ak2qk0ULv4x-B1BBJufzLbh2UluASuUKFjzogU1F4lr3Xu_w0rC697JV-zIvMhh35w1CKfI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC10gGfR69Zar4EdS96toPoue58A6cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmwJP0NUkj2qfBYV9Z9uvWfTVwULdsn3yXd_GF8vPSwzd50z7xuPomMYMBW06sHcjg3DlxBmJYBEX5D1SluPRSx1BDTs345G2j1WUZRi9-0KpPWskpgJ-IaBIlAghPsV0gnLlzmD2OOqkc1WOqmySvzCS59GMqeqmRHXebaq3Vq58wRil3dAsJM816AROLoLMqeFLgc5ic7bHhZeLsr3c5N7cxSLrkAHtv2DzE9-31XpAQJjkebIxrw57ND_Tfaq0B6NRKDWiLnvDFi-4FkmTiXZ1-678hWrkJ_gSKVSH3lLNy12EU4l1Ju-rCO9liHhqYJWKPOEhx70861DvyjRpe1FzZjQDi9tu7zNfD6tZJOG43G97ahgRqLN0F9Ew4AQBgAaPndjq5OuHoDagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY-4-604-NhAP6CwIIAYAMAeINEwjCz7rTj42EAxXUnloFHaJzDu7QFQGAFwE%26num%3D1%26sig%3DAOD64_2HAL6FoRCyUMfsfsRDwyib8WfECQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 992F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAEfCoFWp7UAA5zomv4VspRXoN9UuPLTA&u=%7Cd8YE7lp2MNlmiFxvzOJUU3aC5m6R7edn08xbzANmhGA%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF00S5jcBMhVSK8OHs4Fq7mkJjQLH4ZhbkiN2nxJBuDYO8E-GgELuRcUzkZJOTuXQRt-JGCvooAmiP1kvOvhi3CHM4TxSXSLUBzySaDdUDvgi-4ZaUA3FeSc5WIH3cf3pX-U8a6K8CEK60o62DAsMiHwYQ5avO9askK0L-7a1-fo89ms1n2w-yRVwYhikhm9Xfm95C2rjM6NnrECF9xQJLmc4LYM-b479HY-m52Bm8BLEb4rO3N1BgS77ixR8jl5Gyup70583YHEvhT6QW2CpU_K5PZyiJBVtrWpg-f2i-kUJC8xkkGZDYQQysJxgj4b7aeicLnVkMA8lyasGP8czNdImPcX1HDGqUe6i0bCV05bhLBJT7EwtggrKcYIcSicavysHmKhhfCGvUY-KkgBFAgND3BNE5AswWEmSrzQK1KZDT5WuBPBCj20nukNu7EDYyIGtTVAS_RZxoMm1OjOFnWD6aUue0JFrq3eQDTl907859jOYvXRkd8F1Uy7h7FC45a2g9C_Ak2qk0ULv4x-B1BBJufzLbh2UluASuUKFjzogU1F4lr3Xu_w0rC697JV-zIvMhh35w1CKfI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC10gGfR69Zar4EdS96toPoue58A6cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmwJP0NUkj2qfBYV9Z9uvWfTVwULdsn3yXd_GF8vPSwzd50z7xuPomMYMBW06sHcjg3DlxBmJYBEX5D1SluPRSx1BDTs345G2j1WUZRi9-0KpPWskpgJ-IaBIlAghPsV0gnLlzmD2OOqkc1WOqmySvzCS59GMqeqmRHXebaq3Vq58wRil3dAsJM816AROLoLMqeFLgc5ic7bHhZeLsr3c5N7cxSLrkAHtv2DzE9-31XpAQJjkebIxrw57ND_Tfaq0B6NRKDWiLnvDFi-4FkmTiXZ1-678hWrkJ_gSKVSH3lLNy12EU4l1Ju-rCO9liHhqYJWKPOEhx70861DvyjRpe1FzZjQDi9tu7zNfD6tZJOG43G97ahgRqLN0F9Ew4AQBgAaPndjq5OuHoDagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY-4-604-NhAP6CwIIAYAMAeINEwjCz7rTj42EAxXUnloFHaJzDu7QFQGAFwE%26num%3D1%26sig%3DAOD64_2HAL6FoRCyUMfsfsRDwyib8WfECQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 27 Jan 2025 16:55:26 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 992F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAEfCoFWp7UAA5zomv4VspRXoN9UuPLTA&u=%7Cd8YE7lp2MNlmiFxvzOJUU3aC5m6R7edn08xbzANmhGA%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF00S5jcBMhVSK8OHs4Fq7mkJjQLH4ZhbkiN2nxJBuDYO8E-GgELuRcUzkZJOTuXQRt-JGCvooAmiP1kvOvhi3CHM4TxSXSLUBzySaDdUDvgi-4ZaUA3FeSc5WIH3cf3pX-U8a6K8CEK60o62DAsMiHwYQ5avO9askK0L-7a1-fo89ms1n2w-yRVwYhikhm9Xfm95C2rjM6NnrECF9xQJLmc4LYM-b479HY-m52Bm8BLEb4rO3N1BgS77ixR8jl5Gyup70583YHEvhT6QW2CpU_K5PZyiJBVtrWpg-f2i-kUJC8xkkGZDYQQysJxgj4b7aeicLnVkMA8lyasGP8czNdImPcX1HDGqUe6i0bCV05bhLBJT7EwtggrKcYIcSicavysHmKhhfCGvUY-KkgBFAgND3BNE5AswWEmSrzQK1KZDT5WuBPBCj20nukNu7EDYyIGtTVAS_RZxoMm1OjOFnWD6aUue0JFrq3eQDTl907859jOYvXRkd8F1Uy7h7FC45a2g9C_Ak2qk0ULv4x-B1BBJufzLbh2UluASuUKFjzogU1F4lr3Xu_w0rC697JV-zIvMhh35w1CKfI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC10gGfR69Zar4EdS96toPoue58A6cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmwJP0NUkj2qfBYV9Z9uvWfTVwULdsn3yXd_GF8vPSwzd50z7xuPomMYMBW06sHcjg3DlxBmJYBEX5D1SluPRSx1BDTs345G2j1WUZRi9-0KpPWskpgJ-IaBIlAghPsV0gnLlzmD2OOqkc1WOqmySvzCS59GMqeqmRHXebaq3Vq58wRil3dAsJM816AROLoLMqeFLgc5ic7bHhZeLsr3c5N7cxSLrkAHtv2DzE9-31XpAQJjkebIxrw57ND_Tfaq0B6NRKDWiLnvDFi-4FkmTiXZ1-678hWrkJ_gSKVSH3lLNy12EU4l1Ju-rCO9liHhqYJWKPOEhx70861DvyjRpe1FzZjQDi9tu7zNfD6tZJOG43G97ahgRqLN0F9Ew4AQBgAaPndjq5OuHoDagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY-4-604-NhAP6CwIIAYAMAeINEwjCz7rTj42EAxXUnloFHaJzDu7QFQGAFwE%26num%3D1%26sig%3DAOD64_2HAL6FoRCyUMfsfsRDwyib8WfECQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 27 Jan 2025 16:55:26 GMT
img.fetch
udmserve.net/udm/ Frame 1A82 		0
680 B 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=16003;tid=1;dt=7;p=1;rri=1706892924950_560851_96.9.249.45;mid=47782;zzz=%5B47782%2C1706892924%2C%22Y49kZcOJ0fbNcgJJCsWMmw%22%5D;version=v2.23.3;cb=0.0690314087180901;qqq=18.315018315018314;session=1;style=slider;vis=visible;traffic_info=%7B%7D;
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
application/x-javascript
Date
Fri, 02 Feb 2024 16:55:26 GMT
Expires
-1d
Connection
Keep-Alive
Content-Length
0
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
placement.js
displayf-tm.everesttech.net/feed/ Frame 1A82 		22 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://displayf-tm.everesttech.net/feed/placement.js?id=btXxJqnWClDtkAjBpZEd&site_id=FF0GVbl5sGqQAJ8S3ijY&rand=-6951183772209083076&tm_auction_id=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1&didtype=UNK&bi=B094GTOupeOLk4jU6hJcZ_N_MPSEEivIi4r8aFK8G537BSNFOnt7X11ueeES97xGhTToIBkFhNZ0HHAG7NE9fZyumKnTqFmLx6sNh1fss2nlYbq0yrveR2Fidr14nhGdD6q70h9jeqABFPB8n37T9T71kq5J5RjaWKOlBC36VyJeklFNhovlesPfLBet3A2wplUmRQ9FJqeji_9k2Zl4Wdg1M2NOZCw75vn5pAf_j6RAGvBIZOF3EjJrT30_kQ4MZmz&page_url=https%3A%2F%2Fwww.btolat.com%2F&seller_id=24042&tm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F121.0.6167.139+Safari%2F537.36&q=H4sIAAAAAAAAAGWRv08TYRjHvTtKoTERm5oYXE5cKKHX-9X7AYO2vaPQSlu51oMmxtx771s4evSOu7e0dZPFSJxwwzg4uKCLjuhfwMhk2DAOxokwMglWEhOf4Rme5PPk-3ye0ffafvnlTu7Vre6d9PPxw0hsCvd9xKx63qqLLN8JGdvbSAMHQhQwWWigYAsFS2izg0IcfxO5_emYnEgAvNwrbrbNvKvhVnY95zd0OPn14zuCT4hFV6shIHvdrGZbar_hVXTl5PWPDzdyCVPuFNkOEIpArxZ0Y1lvqc1dAi96zxzXtdIZhqUnTacNvW5Il2s0xzLsLH0xkMRZuieJSTrr-y4yESg5OJ0RZEaQ6MnSfG3x4TTtOi1EF5Dd8pJ0fi3wNlCa4zmGZSROkhlOUGnDalqB85fbI2hZaaooIysir_KCiixBARCx0JYAxwHIsgfEtCpavA2RkOFsVbjAZShBlGlmbEWUeCRYCpSbwFK4pzzDHRJUvVw6IqKddqvtddvHRLQ7uOUXwY28fZGMJ-bm2MJj4GbCwuajbFExBGd9ZTwGsOda-FI7TanX_tTp_TMiwousyJ8TiYaB6qt5odKHpin7IshpIdombyK85oWKwKX8wIOpLUvaJccCDFKD16WaThDifXIodDD6TF6FOiOTsf_J-PAAmrguMGzKKGerxnyldk5GYxHU8128TS3EokEHOLbXHts9Ghqn6oY2cdmSV3lnKGfDz9FzF-L1HkZB23KrgWOjpQFlOnithPphdXSHurZHXS07oO7FyLoRJ8srUxFO5Fmejxb0Sr6i6TPRxezy4kJZe0AcUcOCIPIK-536R9ZP6lvklGqcU1GIwhb2_LtfTtj9JyPA_A00exG65AIAAA**&click_url=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv3%2Frs%2Fiad2%2F0%2F38f779f5-b74e-4059-8515-050d7c5cf45d%2F0%2FhF7-Yg8mCfKfF_1soP-DcJGjOZM%2F&tm_os_group=windows&tm_device_group=unknown
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
adobe /
Resource Hash
dacfcdd514b5150ac58816996e0a304b5ee2b364d8aa8eb997331aab5550b7fe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 02 Feb 2024 16:55:26 GMT
content-encoding
gzip
via
1.1 varnish
x-pt
P=2599 0=0
x-cache
MISS
x-region
North-America
x-served-by
cache-yyz4533-YYZ
server
adobe
x-timer
S1706892926.101240,VS0,VE25
x-failover
none
vary
Accept-Encoding, User-Agent
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
e.png
rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net/rtb/ Frame 1A82 		85 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net/rtb/e.png?e=win&aid=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1&cp=2643516&slot=1&x_price=8805F0509F43D959&ets=1706892925612&tz=America%2FLos_Angeles&source=rubicon&fc=1&fci=1&country=US&region=NY&mc=48&ap=0&ut=0&vis=UNKNOWN&site=FF0GVbl5sGqQAJ8S3ijY&bp=76050&curr=USD&exr=1.0&fid=btXxJqnWClDtkAjBpZEd&c=4118350305&ccurr=USD&cuxr=1.0&a=461365&ca=727394&st=DISPLAY&sh=90&sw=728&rid=4212&mp=163&psk=FF0GVbl5sGqQAJ8S3ijY&cfc=15&cfci=30&dur=-1&cityid=-1&metroid=-1&countryid=232&postalid=5349&didtype=UNK&duration=180&v=1&auth=nl6oOBokhGNRMzhy7t6qBZdcT20&x_r=nU4isA
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.225.68.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-68-245.compute-1.amazonaws.com
Software
adobe /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:26 GMT
x-pt
P=213 0=0
server
adobe
content-type
image/png
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
edge-logo-white.png
bid.underdog.media/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bid.underdog.media/edge-logo-white.png
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:e000:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d443235c5040b9e5a2461f69bcef0930f5820c356830bb0c59a4953d16f8a59e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 13:08:33 GMT
via
1.1 17a79dcb426270de1bedb2a8dbcb8f72.cloudfront.net (CloudFront)
last-modified
Tue, 17 Nov 2020 21:08:31 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
1482414
etag
"876f68d4ff152e17573c3a8f3cc1a580"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
15804
x-amz-cf-id
YsABog94Ldu1UWbLa-p8i7_0YpWLNh-Kux72JGPGSjNdImZo7LDO9g==
38f779f5-b74e-4059-8515-050d7c5cf45d
beacon-iad2.rubiconproject.com/beacon/d/ Frame 1A82 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-iad2.rubiconproject.com/beacon/d/38f779f5-b74e-4059-8515-050d7c5cf45d?oo=0&accountId=24042&siteId=403056&zoneId=2257012&sizeId=2&e=6A1E40E384DA563B631BFDE9C8AA2249F4470FD9CADB29CFEA1044280E7FECD999282363AB86BD1391BA89AD3B36B4C7E9F89206FC79094A385044587E6C067AAD15E081B6C9B28B83CFC826D604B30387797B7B170BEB275D9659E92ADAE9E63F96761EA72A5DEB07C258C3ED95C85114EDD882E6B03AE369A9DFA5E55F61EA97F998B6BFBB089B176EA57A610E0A89FA6C8C20638B52A1FFDDCBC3DD123B55F4970785DF80712788F2E42A96E6B7524D6D44E19E25C6B8CDA10306204D320B
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::64 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:25 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
imp
statsf-tm.everesttech.net/stats/1/ Frame 1A82 		85 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/imp?sessId=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1&cpKey=4JlDTeb7owADca9yZoOE&mpKey=btXxJqnWClDtkAjBpZEd&adKey=W7uJ0ub3JbEPGESXEk9f&psId=FF0GVbl5sGqQAJ8S3ijY&burl=https%3A%2F%2Fwww.btolat.com%2F&w=728&h=90&bi=B094GTOupeOLk4jU6hJcZ_N_MPSEEivIi4r8aFK8G537BSNFOnt7X11ueeES97xGhTToIBkFhNZ0HHAG7NE9fZyumKnTqFmLx6sNh1fss2nlYbq0yrveR2Fidr14nhGdD6q70h9jeqABFPB8n37T9T71kq5J5RjaWKOlBC36VyJeklFNhovlesPfLBet3A2wplUmRQ9FJqeji_9k2Zl4Wdg1M2NOZCw75vn5pAf_j6RAGvBIZOF3EjJrT30_kQ4MZmz&price=8805F0509F43D959&PG=F&didtype=UNK&seller_id=24042&campaignKey=ZSeUgC3OydWW7p4bBDse&bidderZone=ethos831-prod-va6&bidderGroup=rtb-bidder-first&env=site&conn=unknown&s=H4sIAAAAAAAAAAGwAE__tQsp7u1iVJpV9RE5VdfEXqjVWMWM3NcF_H8QxCDcPJ_-7VUhJ7IwcW5NKvN36OyMQ8sKT3Crw1c1mva8o6S_RSYLqn24pWPFkAxoC-ADXnh-zs5_h-PJVF4y1OFFEZBWJMbs-3SamK3cACtDZL6sdWx__8cnN9WbWiASmWE99xttYrJewMDBm8fBTnw9tf3pysQbF-6HzrNfGoUKu2mii6ML5fv1DS-HKBWOXWVaKVaaw5HqsAAAAA&date=1706892925613&auth=bb4944070c211126ae0a338c5cb025f3&vinst=t&rurl=https%3A%2F%2Fwww.btolat.com%2F&wd=0
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 02 Feb 2024 16:55:26 GMT
via
1.1 varnish
x-pt
P=315
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region
North-America
content-length
85
x-served-by
cache-yyz4555-YYZ
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Fri, 2 Feb 2024 16:55:26 UTC
Enabler.js
s0.2mdn.net/ads/studio/ Frame 7BC0 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/molekuleus/111152023/bof15-21-decision-retargeting/728x90/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://static.criteo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:45:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
611
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48652
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 02 Feb 2024 17:00:15 GMT
container.html
19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A685 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.btolat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 16:55:24 GMT
expires
Sat, 01 Feb 2025 16:55:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
afr.php
ads.us.criteo.com/delivery/r/ Frame 6278 		148 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAKYv4FWrDvAAxmIS7ZZhNCFmmQFUA21Q&u=%7Cd8YE7lp2MNkAJ83Uyt9hSEVmBa2y3F6ibLcen4buHAU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LdtDSzqldr-7lYUj77qimBqCoAjiNo78ZbcEAguNo_fjTn0aWnPOgc2fGMiBQVFTlT7ylCF_v60jQ8pVf9Wgz10Z7Y9zW86158gXjbfWCqo0CwnSmpVVa6rup5J0vjZv9YMDgS59058AW8UWMKpNiap0Sg8Qmaoh4Dt7fVNgJvA_Km-HPV591Ki9M8fcUezdKt3fKv1Qf_l_zULbYEgT3C3eQhzJxAyECrtfGr8zceg3MrlieoK06i8Mzq1apSWzatpIC1vIuKrBLyQ3ibYqqvEvDalTN0OFsnnDZtaaP8mV3p9eDHt3LjhwUa2atYN9zYX7R_i_ECRcw7S4zz-AXiJYT70ravv9UqSesLKDA8BAPzCR4LGrNZnyhg9n1tjGVex1e1CxwlI_7pS_zSC4yEmea3jf2FSWVa2kAaVVDxQQ9VasanENGucKtZYyApUVKq1K_EM8PNrdRrj9tNsx1tQBJeecqyikMNv4FQdcoXZ-k-nO8fH1LilKJDHrJnx9j-omoZa0L7eyYlOpJXm7DcQPfDGdEbrDci4Qwuw7bQGov--SGL21ryI2LzN9unTMMe2BfPEHtfrjI2oxEG5OIcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSc0ofR69Zf7FKe_h6toPocyxkAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEnQJP0Oxr3_PZiBQ9-85E_M2r871jDXzb-FzPkFUw-wH7ovJVcPDXnCTpwW76rx0j0c6nCWHdrhTgbBqH44S5_OxYWHPpL8QBhUkjpzLLyFJrNuHUd2XujpNh30fuy6-eRw6hcPZ2ValuVVYBI317P8Rb4Ddf2Wg2i5b3JVIDpQga0kmFjA1ifB--cGEzASopcBtLXeGv0lUn6f_NV_QOIGJuOq5LR31jAxcrTR3VxqiqLxCQE492miEwla-VNCapFiBXlozG6fJUcgxVallSI_JbmDDE3nUIWfqE0VVXQrHDZIQFdAAA6dTkDdQDgrbAgYJqL9sKK4KgY_jrsLz8OTyii3TOnrmsVbgBV8zb3v72K7Gp62rHl5SBwjKa-BrgBAGABteH9b_eiobi2AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYzZu604-NhAP6CwIIAYAMAeINEwi087rTj42EAxXvsFoFHSFmDBLQFQGAFwE%26num%3D1%26sig%3DAOD64_3lBkJ-JhrK5pWIPNAstjT_t-dPVw%26client%3Dca-pub-5900327121854735%26adurl%3D
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7748697feef3673174ea48e0be59ab9a014d4fad4ea826c9e5a0975e6e8ba2e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 16:55:25 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=sVbj3p3FUcIwQf9fjR1o9KupmdTcuoVIPn9p8pa48qBQ68iigXGTEQDRfMDEI12jRRDEk1Ld_Yx5Hqak5mSkoeyszAy634tTnsy7cu3KbEr_DzeWSbsOb7UeuG1ngpdg0mK6O6M-2qIsmGJaDZcUcmsXTnairiOJJCHYA6lPy5_4YD5gL574LUkh_HJqwjXB1yNb04Yp0JItaYtiRFnfXY4JAUz7vlDJJQ0FkxGTBC6ISEBvIAwK2VBvwTb2yqCBPJwEcNr-eoYdrRBV"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
88717707
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame A685 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:16:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
2336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Feb 2024 16:16:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame A685 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:16:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
2336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Feb 2024 16:16:30 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A685 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:16:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
113949
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 31 Jan 2025 09:16:17 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A685 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66348
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706704584918460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 16:55:26 GMT
usync.html
eus.rubiconproject.com/ Frame 3970 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=na&co=us
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.btolat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 02 Feb 2024 16:55:26 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 7AD4 		42 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIRtC1iv2xRhCRTnzgVg-9iJll6K8G3h3Vj-zKlmgH_WeRvz13AU575uzd5IE1dHRneRp7ywqzY2dl_7A5VKvbMNctpuM8DKhNpe8LQjS1-kAzDPSVLV9CVWDflxFYCVpTs9XGfQ2Vp8fXauhhMmhx3EUV&sai=AMfl-YTOEjJ7e_pijFg8Kg33j8RoKppvBBNZFcP-MCq1Z4GAwjKZ0wTV9VQIazv03JFZXOG6f0DctTkIkndUJX_W_XIwPzUvI9WLWX8W7UIlaSl6uviTy6cnhbcxdVLzg79DPn3XRXdTytyxb8oiRyyA&sig=Cg0ArKJSzE5NDHr0HC1fEAE&cid=CAQSTgAvHhf_HwnpD7MGOPOOOLx4Z9GLaM9T4DK0TCppJXiE-KuHByX-qIGgVGZgCJDOAgaXYMr2MxyTsCGwqBcriBi7BSIPA0h0LG6lDhQzHRgB&id=ampim&o=1355,180&d=120,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=259&tls=1259&g=100&h=100&tt=1260&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame A685 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9f4b63d228f8bbc5c1347c7b36fc86101aab33627dcd2a770023235b1b27b10

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
displayproxy-20231031.js
playtime.tubemogul.com/ud/prod/ad_plugins/release/ Frame B448 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20231031.js?auction_id=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1
Requested by
Host: displayf-tm.everesttech.net
URL: https://displayf-tm.everesttech.net/feed/placement.js?id=btXxJqnWClDtkAjBpZEd&site_id=FF0GVbl5sGqQAJ8S3ijY&rand=-6951183772209083076&tm_auction_id=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1&didtype=UNK&bi=B094GTOupeOLk4jU6hJcZ_N_MPSEEivIi4r8aFK8G537BSNFOnt7X11ueeES97xGhTToIBkFhNZ0HHAG7NE9fZyumKnTqFmLx6sNh1fss2nlYbq0yrveR2Fidr14nhGdD6q70h9jeqABFPB8n37T9T71kq5J5RjaWKOlBC36VyJeklFNhovlesPfLBet3A2wplUmRQ9FJqeji_9k2Zl4Wdg1M2NOZCw75vn5pAf_j6RAGvBIZOF3EjJrT30_kQ4MZmz&page_url=https%3A%2F%2Fwww.btolat.com%2F&seller_id=24042&tm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F121.0.6167.139+Safari%2F537.36&q=H4sIAAAAAAAAAGWRv08TYRjHvTtKoTERm5oYXE5cKKHX-9X7AYO2vaPQSlu51oMmxtx771s4evSOu7e0dZPFSJxwwzg4uKCLjuhfwMhk2DAOxokwMglWEhOf4Rme5PPk-3ye0ffafvnlTu7Vre6d9PPxw0hsCvd9xKx63qqLLN8JGdvbSAMHQhQwWWigYAsFS2izg0IcfxO5_emYnEgAvNwrbrbNvKvhVnY95zd0OPn14zuCT4hFV6shIHvdrGZbar_hVXTl5PWPDzdyCVPuFNkOEIpArxZ0Y1lvqc1dAi96zxzXtdIZhqUnTacNvW5Il2s0xzLsLH0xkMRZuieJSTrr-y4yESg5OJ0RZEaQ6MnSfG3x4TTtOi1EF5Dd8pJ0fi3wNlCa4zmGZSROkhlOUGnDalqB85fbI2hZaaooIysir_KCiixBARCx0JYAxwHIsgfEtCpavA2RkOFsVbjAZShBlGlmbEWUeCRYCpSbwFK4pzzDHRJUvVw6IqKddqvtddvHRLQ7uOUXwY28fZGMJ-bm2MJj4GbCwuajbFExBGd9ZTwGsOda-FI7TanX_tTp_TMiwousyJ8TiYaB6qt5odKHpin7IshpIdombyK85oWKwKX8wIOpLUvaJccCDFKD16WaThDifXIodDD6TF6FOiOTsf_J-PAAmrguMGzKKGerxnyldk5GYxHU8128TS3EokEHOLbXHts9Ghqn6oY2cdmSV3lnKGfDz9FzF-L1HkZB23KrgWOjpQFlOnithPphdXSHurZHXS07oO7FyLoRJ8srUxFO5Fmejxb0Sr6i6TPRxezy4kJZe0AcUcOCIPIK-536R9ZP6lvklGqcU1GIwhb2_LtfTtj9JyPA_A00exG65AIAAA**&click_url=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv3%2Frs%2Fiad2%2F0%2F38f779f5-b74e-4059-8515-050d7c5cf45d%2F0%2FhF7-Yg8mCfKfF_1soP-DcJGjOZM%2F&tm_os_group=windows&tm_device_group=unknown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.64 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7962) /
Resource Hash
686e660739424dd896e22f46622a30e963c89df24864933df2a586ebfd5cacfa

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
last-modified
Tue, 31 Oct 2023 12:11:00 GMT
server
ECAcc (nya/7962)
age
17030
etag
"3106171132"
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
17475
expires
Sat, 03 Feb 2024 16:55:26 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 6278 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAKYv4FWrDvAAxmIS7ZZhNCFmmQFUA21Q&u=%7Cd8YE7lp2MNkAJ83Uyt9hSEVmBa2y3F6ibLcen4buHAU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LdtDSzqldr-7lYUj77qimBqCoAjiNo78ZbcEAguNo_fjTn0aWnPOgc2fGMiBQVFTlT7ylCF_v60jQ8pVf9Wgz10Z7Y9zW86158gXjbfWCqo0CwnSmpVVa6rup5J0vjZv9YMDgS59058AW8UWMKpNiap0Sg8Qmaoh4Dt7fVNgJvA_Km-HPV591Ki9M8fcUezdKt3fKv1Qf_l_zULbYEgT3C3eQhzJxAyECrtfGr8zceg3MrlieoK06i8Mzq1apSWzatpIC1vIuKrBLyQ3ibYqqvEvDalTN0OFsnnDZtaaP8mV3p9eDHt3LjhwUa2atYN9zYX7R_i_ECRcw7S4zz-AXiJYT70ravv9UqSesLKDA8BAPzCR4LGrNZnyhg9n1tjGVex1e1CxwlI_7pS_zSC4yEmea3jf2FSWVa2kAaVVDxQQ9VasanENGucKtZYyApUVKq1K_EM8PNrdRrj9tNsx1tQBJeecqyikMNv4FQdcoXZ-k-nO8fH1LilKJDHrJnx9j-omoZa0L7eyYlOpJXm7DcQPfDGdEbrDci4Qwuw7bQGov--SGL21ryI2LzN9unTMMe2BfPEHtfrjI2oxEG5OIcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSc0ofR69Zf7FKe_h6toPocyxkAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEnQJP0Oxr3_PZiBQ9-85E_M2r871jDXzb-FzPkFUw-wH7ovJVcPDXnCTpwW76rx0j0c6nCWHdrhTgbBqH44S5_OxYWHPpL8QBhUkjpzLLyFJrNuHUd2XujpNh30fuy6-eRw6hcPZ2ValuVVYBI317P8Rb4Ddf2Wg2i5b3JVIDpQga0kmFjA1ifB--cGEzASopcBtLXeGv0lUn6f_NV_QOIGJuOq5LR31jAxcrTR3VxqiqLxCQE492miEwla-VNCapFiBXlozG6fJUcgxVallSI_JbmDDE3nUIWfqE0VVXQrHDZIQFdAAA6dTkDdQDgrbAgYJqL9sKK4KgY_jrsLz8OTyii3TOnrmsVbgBV8zb3v72K7Gp62rHl5SBwjKa-BrgBAGABteH9b_eiobi2AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYzZu604-NhAP6CwIIAYAMAeINEwi087rTj42EAxXvsFoFHSFmDBLQFQGAFwE%26num%3D1%26sig%3DAOD64_3lBkJ-JhrK5pWIPNAstjT_t-dPVw%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 27 Jan 2025 16:55:26 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 6278 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAKYv4FWrDvAAxmIS7ZZhNCFmmQFUA21Q&u=%7Cd8YE7lp2MNkAJ83Uyt9hSEVmBa2y3F6ibLcen4buHAU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LdtDSzqldr-7lYUj77qimBqCoAjiNo78ZbcEAguNo_fjTn0aWnPOgc2fGMiBQVFTlT7ylCF_v60jQ8pVf9Wgz10Z7Y9zW86158gXjbfWCqo0CwnSmpVVa6rup5J0vjZv9YMDgS59058AW8UWMKpNiap0Sg8Qmaoh4Dt7fVNgJvA_Km-HPV591Ki9M8fcUezdKt3fKv1Qf_l_zULbYEgT3C3eQhzJxAyECrtfGr8zceg3MrlieoK06i8Mzq1apSWzatpIC1vIuKrBLyQ3ibYqqvEvDalTN0OFsnnDZtaaP8mV3p9eDHt3LjhwUa2atYN9zYX7R_i_ECRcw7S4zz-AXiJYT70ravv9UqSesLKDA8BAPzCR4LGrNZnyhg9n1tjGVex1e1CxwlI_7pS_zSC4yEmea3jf2FSWVa2kAaVVDxQQ9VasanENGucKtZYyApUVKq1K_EM8PNrdRrj9tNsx1tQBJeecqyikMNv4FQdcoXZ-k-nO8fH1LilKJDHrJnx9j-omoZa0L7eyYlOpJXm7DcQPfDGdEbrDci4Qwuw7bQGov--SGL21ryI2LzN9unTMMe2BfPEHtfrjI2oxEG5OIcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSc0ofR69Zf7FKe_h6toPocyxkAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEnQJP0Oxr3_PZiBQ9-85E_M2r871jDXzb-FzPkFUw-wH7ovJVcPDXnCTpwW76rx0j0c6nCWHdrhTgbBqH44S5_OxYWHPpL8QBhUkjpzLLyFJrNuHUd2XujpNh30fuy6-eRw6hcPZ2ValuVVYBI317P8Rb4Ddf2Wg2i5b3JVIDpQga0kmFjA1ifB--cGEzASopcBtLXeGv0lUn6f_NV_QOIGJuOq5LR31jAxcrTR3VxqiqLxCQE492miEwla-VNCapFiBXlozG6fJUcgxVallSI_JbmDDE3nUIWfqE0VVXQrHDZIQFdAAA6dTkDdQDgrbAgYJqL9sKK4KgY_jrsLz8OTyii3TOnrmsVbgBV8zb3v72K7Gp62rHl5SBwjKa-BrgBAGABteH9b_eiobi2AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYzZu604-NhAP6CwIIAYAMAeINEwi087rTj42EAxXvsFoFHSFmDBLQFQGAFwE%26num%3D1%26sig%3DAOD64_3lBkJ-JhrK5pWIPNAstjT_t-dPVw%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 27 Jan 2025 16:55:26 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 6278 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAKYv4FWrDvAAxmIS7ZZhNCFmmQFUA21Q&u=%7Cd8YE7lp2MNkAJ83Uyt9hSEVmBa2y3F6ibLcen4buHAU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LdtDSzqldr-7lYUj77qimBqCoAjiNo78ZbcEAguNo_fjTn0aWnPOgc2fGMiBQVFTlT7ylCF_v60jQ8pVf9Wgz10Z7Y9zW86158gXjbfWCqo0CwnSmpVVa6rup5J0vjZv9YMDgS59058AW8UWMKpNiap0Sg8Qmaoh4Dt7fVNgJvA_Km-HPV591Ki9M8fcUezdKt3fKv1Qf_l_zULbYEgT3C3eQhzJxAyECrtfGr8zceg3MrlieoK06i8Mzq1apSWzatpIC1vIuKrBLyQ3ibYqqvEvDalTN0OFsnnDZtaaP8mV3p9eDHt3LjhwUa2atYN9zYX7R_i_ECRcw7S4zz-AXiJYT70ravv9UqSesLKDA8BAPzCR4LGrNZnyhg9n1tjGVex1e1CxwlI_7pS_zSC4yEmea3jf2FSWVa2kAaVVDxQQ9VasanENGucKtZYyApUVKq1K_EM8PNrdRrj9tNsx1tQBJeecqyikMNv4FQdcoXZ-k-nO8fH1LilKJDHrJnx9j-omoZa0L7eyYlOpJXm7DcQPfDGdEbrDci4Qwuw7bQGov--SGL21ryI2LzN9unTMMe2BfPEHtfrjI2oxEG5OIcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSc0ofR69Zf7FKe_h6toPocyxkAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEnQJP0Oxr3_PZiBQ9-85E_M2r871jDXzb-FzPkFUw-wH7ovJVcPDXnCTpwW76rx0j0c6nCWHdrhTgbBqH44S5_OxYWHPpL8QBhUkjpzLLyFJrNuHUd2XujpNh30fuy6-eRw6hcPZ2ValuVVYBI317P8Rb4Ddf2Wg2i5b3JVIDpQga0kmFjA1ifB--cGEzASopcBtLXeGv0lUn6f_NV_QOIGJuOq5LR31jAxcrTR3VxqiqLxCQE492miEwla-VNCapFiBXlozG6fJUcgxVallSI_JbmDDE3nUIWfqE0VVXQrHDZIQFdAAA6dTkDdQDgrbAgYJqL9sKK4KgY_jrsLz8OTyii3TOnrmsVbgBV8zb3v72K7Gp62rHl5SBwjKa-BrgBAGABteH9b_eiobi2AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYzZu604-NhAP6CwIIAYAMAeINEwi087rTj42EAxXvsFoFHSFmDBLQFQGAFwE%26num%3D1%26sig%3DAOD64_3lBkJ-JhrK5pWIPNAstjT_t-dPVw%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 27 Jan 2025 16:55:26 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 6278 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAKYv4FWrDvAAxmIS7ZZhNCFmmQFUA21Q&u=%7Cd8YE7lp2MNkAJ83Uyt9hSEVmBa2y3F6ibLcen4buHAU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LdtDSzqldr-7lYUj77qimBqCoAjiNo78ZbcEAguNo_fjTn0aWnPOgc2fGMiBQVFTlT7ylCF_v60jQ8pVf9Wgz10Z7Y9zW86158gXjbfWCqo0CwnSmpVVa6rup5J0vjZv9YMDgS59058AW8UWMKpNiap0Sg8Qmaoh4Dt7fVNgJvA_Km-HPV591Ki9M8fcUezdKt3fKv1Qf_l_zULbYEgT3C3eQhzJxAyECrtfGr8zceg3MrlieoK06i8Mzq1apSWzatpIC1vIuKrBLyQ3ibYqqvEvDalTN0OFsnnDZtaaP8mV3p9eDHt3LjhwUa2atYN9zYX7R_i_ECRcw7S4zz-AXiJYT70ravv9UqSesLKDA8BAPzCR4LGrNZnyhg9n1tjGVex1e1CxwlI_7pS_zSC4yEmea3jf2FSWVa2kAaVVDxQQ9VasanENGucKtZYyApUVKq1K_EM8PNrdRrj9tNsx1tQBJeecqyikMNv4FQdcoXZ-k-nO8fH1LilKJDHrJnx9j-omoZa0L7eyYlOpJXm7DcQPfDGdEbrDci4Qwuw7bQGov--SGL21ryI2LzN9unTMMe2BfPEHtfrjI2oxEG5OIcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSc0ofR69Zf7FKe_h6toPocyxkAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEnQJP0Oxr3_PZiBQ9-85E_M2r871jDXzb-FzPkFUw-wH7ovJVcPDXnCTpwW76rx0j0c6nCWHdrhTgbBqH44S5_OxYWHPpL8QBhUkjpzLLyFJrNuHUd2XujpNh30fuy6-eRw6hcPZ2ValuVVYBI317P8Rb4Ddf2Wg2i5b3JVIDpQga0kmFjA1ifB--cGEzASopcBtLXeGv0lUn6f_NV_QOIGJuOq5LR31jAxcrTR3VxqiqLxCQE492miEwla-VNCapFiBXlozG6fJUcgxVallSI_JbmDDE3nUIWfqE0VVXQrHDZIQFdAAA6dTkDdQDgrbAgYJqL9sKK4KgY_jrsLz8OTyii3TOnrmsVbgBV8zb3v72K7Gp62rHl5SBwjKa-BrgBAGABteH9b_eiobi2AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYzZu604-NhAP6CwIIAYAMAeINEwi087rTj42EAxXvsFoFHSFmDBLQFQGAFwE%26num%3D1%26sig%3DAOD64_3lBkJ-JhrK5pWIPNAstjT_t-dPVw%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 27 Jan 2025 16:55:26 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 6278 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=9TYUGKz6ohKdCWJd_6LmVLvRnK5QQRU7S7kq3A3VgeB1KMxFNUexi86o-v3WP_SCVRQF0QEsUHZWPPailvJsoeqy-bbDOGW8w6MycHhYajeFbEX8y8aNZxBSsvR1Rupo7acolWwZaQCx0VBA65c_SD6VUP7np0ij9CPUStAHxsZDAI4V5--bITUrTCR_l72D3wNfcCNdqBTK599xZVzJNqzNFUnPIoSPT7_zRYb5c5WQZb2_T3PxUwzJ11gML93yYaH5ilD53NdsI-WUZENobsYewfSZzG4HoXhxd_CtJU2HamBUrW1NGxGmBK6Q_7v6CbsOcLgcIxKio0a0Ymcx1bpJruN3JeqBelLlTY9pslxGCfE6Om3UevjynofB8dO3x-QgoG0lR_qYiIoOAgasxaviKRQ2lELdjLd5d6E-N5TleULTZxAcbBpXNRYKxRhBDvLxYQ
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAKYv4FWrDvAAxmIS7ZZhNCFmmQFUA21Q&u=%7Cd8YE7lp2MNkAJ83Uyt9hSEVmBa2y3F6ibLcen4buHAU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LdtDSzqldr-7lYUj77qimBqCoAjiNo78ZbcEAguNo_fjTn0aWnPOgc2fGMiBQVFTlT7ylCF_v60jQ8pVf9Wgz10Z7Y9zW86158gXjbfWCqo0CwnSmpVVa6rup5J0vjZv9YMDgS59058AW8UWMKpNiap0Sg8Qmaoh4Dt7fVNgJvA_Km-HPV591Ki9M8fcUezdKt3fKv1Qf_l_zULbYEgT3C3eQhzJxAyECrtfGr8zceg3MrlieoK06i8Mzq1apSWzatpIC1vIuKrBLyQ3ibYqqvEvDalTN0OFsnnDZtaaP8mV3p9eDHt3LjhwUa2atYN9zYX7R_i_ECRcw7S4zz-AXiJYT70ravv9UqSesLKDA8BAPzCR4LGrNZnyhg9n1tjGVex1e1CxwlI_7pS_zSC4yEmea3jf2FSWVa2kAaVVDxQQ9VasanENGucKtZYyApUVKq1K_EM8PNrdRrj9tNsx1tQBJeecqyikMNv4FQdcoXZ-k-nO8fH1LilKJDHrJnx9j-omoZa0L7eyYlOpJXm7DcQPfDGdEbrDci4Qwuw7bQGov--SGL21ryI2LzN9unTMMe2BfPEHtfrjI2oxEG5OIcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSc0ofR69Zf7FKe_h6toPocyxkAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEnQJP0Oxr3_PZiBQ9-85E_M2r871jDXzb-FzPkFUw-wH7ovJVcPDXnCTpwW76rx0j0c6nCWHdrhTgbBqH44S5_OxYWHPpL8QBhUkjpzLLyFJrNuHUd2XujpNh30fuy6-eRw6hcPZ2ValuVVYBI317P8Rb4Ddf2Wg2i5b3JVIDpQga0kmFjA1ifB--cGEzASopcBtLXeGv0lUn6f_NV_QOIGJuOq5LR31jAxcrTR3VxqiqLxCQE492miEwla-VNCapFiBXlozG6fJUcgxVallSI_JbmDDE3nUIWfqE0VVXQrHDZIQFdAAA6dTkDdQDgrbAgYJqL9sKK4KgY_jrsLz8OTyii3TOnrmsVbgBV8zb3v72K7Gp62rHl5SBwjKa-BrgBAGABteH9b_eiobi2AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYzZu604-NhAP6CwIIAYAMAeINEwi087rTj42EAxXvsFoFHSFmDBLQFQGAFwE%26num%3D1%26sig%3DAOD64_3lBkJ-JhrK5pWIPNAstjT_t-dPVw%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2603772
expires
Mon, 26 Jul 1997 05:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 3970 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=na&co=us
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
425afa5a758ac7408f7677c02033109b8a1845a79fa2b74caadf227ee9a5e96f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=na&co=us
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 16:55:26 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 Feb 2024 10:50:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64524
Connection
keep-alive
Content-Length
10921
Expires
Sat, 03 Feb 2024 10:50:50 GMT
animejs.js
static.criteo.net/animejs/ Frame 6278 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAKYv4FWrDvAAxmIS7ZZhNCFmmQFUA21Q&u=%7Cd8YE7lp2MNkAJ83Uyt9hSEVmBa2y3F6ibLcen4buHAU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LdtDSzqldr-7lYUj77qimBqCoAjiNo78ZbcEAguNo_fjTn0aWnPOgc2fGMiBQVFTlT7ylCF_v60jQ8pVf9Wgz10Z7Y9zW86158gXjbfWCqo0CwnSmpVVa6rup5J0vjZv9YMDgS59058AW8UWMKpNiap0Sg8Qmaoh4Dt7fVNgJvA_Km-HPV591Ki9M8fcUezdKt3fKv1Qf_l_zULbYEgT3C3eQhzJxAyECrtfGr8zceg3MrlieoK06i8Mzq1apSWzatpIC1vIuKrBLyQ3ibYqqvEvDalTN0OFsnnDZtaaP8mV3p9eDHt3LjhwUa2atYN9zYX7R_i_ECRcw7S4zz-AXiJYT70ravv9UqSesLKDA8BAPzCR4LGrNZnyhg9n1tjGVex1e1CxwlI_7pS_zSC4yEmea3jf2FSWVa2kAaVVDxQQ9VasanENGucKtZYyApUVKq1K_EM8PNrdRrj9tNsx1tQBJeecqyikMNv4FQdcoXZ-k-nO8fH1LilKJDHrJnx9j-omoZa0L7eyYlOpJXm7DcQPfDGdEbrDci4Qwuw7bQGov--SGL21ryI2LzN9unTMMe2BfPEHtfrjI2oxEG5OIcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSc0ofR69Zf7FKe_h6toPocyxkAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEnQJP0Oxr3_PZiBQ9-85E_M2r871jDXzb-FzPkFUw-wH7ovJVcPDXnCTpwW76rx0j0c6nCWHdrhTgbBqH44S5_OxYWHPpL8QBhUkjpzLLyFJrNuHUd2XujpNh30fuy6-eRw6hcPZ2ValuVVYBI317P8Rb4Ddf2Wg2i5b3JVIDpQga0kmFjA1ifB--cGEzASopcBtLXeGv0lUn6f_NV_QOIGJuOq5LR31jAxcrTR3VxqiqLxCQE492miEwla-VNCapFiBXlozG6fJUcgxVallSI_JbmDDE3nUIWfqE0VVXQrHDZIQFdAAA6dTkDdQDgrbAgYJqL9sKK4KgY_jrsLz8OTyii3TOnrmsVbgBV8zb3v72K7Gp62rHl5SBwjKa-BrgBAGABteH9b_eiobi2AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYzZu604-NhAP6CwIIAYAMAeINEwi087rTj42EAxXvsFoFHSFmDBLQFQGAFwE%26num%3D1%26sig%3DAOD64_3lBkJ-JhrK5pWIPNAstjT_t-dPVw%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 27 Jan 2025 16:55:26 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B327 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=COu_CfR69Zar4EdS96toPoue58A6cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmAJP0NUkj2qfBYV9Z9uvWfTVwULdsn3yXd_GF8vPSwzd50z7xuPomMYMBW06sHcjg3DlxBmJYBEX5D1SluPRSx1BDTs345G2j1WUZRi9-0KpPWskpgJ-IaBIlAghPsV0gnLlzmD2OOqkc1WOqmySvzCS59GMqeqmRHXebaq3Vq58wRil3dAsJM816AROLoLMqeFLgc5ic7bHhZeLsr3c5N7cxSLrkAHtv2DzE9-31XpAQJjkebIxrw57ND_Tfaq0B6NRKDWiLnvDFi-4FkmTiXZ1-678hWrkJ_gSKVSH3lLNy12EU4l1Ju-rCO9liHhqYJWKPOFjxZ2uLe0EsL2CRIX_X9OnOtRG5h1HyzCqXmhxYnFXcpnVPIqT4AQBgAaPndjq5OuHoDagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY-4-604-NhAOACgH6CwIIAYAMAeINEwjCz7rTj42EAxXUnloFHaJzDu7QFQGAFwGyFxwKGhIUcHViLTU5MDAzMjcxMjE4NTQ3MzUYlK0c&sigh=rBgWZg5qeDk&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_YgsjEohzSOE9Gnw4ZRvUv0Es3AN9qBSHXUHv8HPohNs-2yAU8f6ewZgyAlixwv9U4ILABrRMVu0xQIgoLw2q_IplFtqk4_WV2pEYAQ&cbvp=2&vis=1
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
notify
rtb.va.us.criteo.com/google/auction/ Frame B327 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kpPQFdeCMNgFWuIinRcCAAAAVZvUPwPuTyJJ9H-rEHwevWX2y1EJQVb2w_tiAAASAAAKCkFRVUJDZ0VCQ2c&wp=Zb0efQAEfCoFWp7UAA5zomv4VspRXoN9UuPLTA&cbvp=2
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
177283
server
Kestrel
content-length
0
img
imageproxy.us.criteo.net/img/ Frame 6278 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?h=110&m=0&partner=100785&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F100785%2F230221%2F419df4fccfc64c45b6c5b8e31a8992fc_logo_n_square.png&v=3&w=236&rid=4&s=HRQ9bfWPz7ER5q-KW9a3KUmH
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAKYv4FWrDvAAxmIS7ZZhNCFmmQFUA21Q&u=%7Cd8YE7lp2MNkAJ83Uyt9hSEVmBa2y3F6ibLcen4buHAU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LdtDSzqldr-7lYUj77qimBqCoAjiNo78ZbcEAguNo_fjTn0aWnPOgc2fGMiBQVFTlT7ylCF_v60jQ8pVf9Wgz10Z7Y9zW86158gXjbfWCqo0CwnSmpVVa6rup5J0vjZv9YMDgS59058AW8UWMKpNiap0Sg8Qmaoh4Dt7fVNgJvA_Km-HPV591Ki9M8fcUezdKt3fKv1Qf_l_zULbYEgT3C3eQhzJxAyECrtfGr8zceg3MrlieoK06i8Mzq1apSWzatpIC1vIuKrBLyQ3ibYqqvEvDalTN0OFsnnDZtaaP8mV3p9eDHt3LjhwUa2atYN9zYX7R_i_ECRcw7S4zz-AXiJYT70ravv9UqSesLKDA8BAPzCR4LGrNZnyhg9n1tjGVex1e1CxwlI_7pS_zSC4yEmea3jf2FSWVa2kAaVVDxQQ9VasanENGucKtZYyApUVKq1K_EM8PNrdRrj9tNsx1tQBJeecqyikMNv4FQdcoXZ-k-nO8fH1LilKJDHrJnx9j-omoZa0L7eyYlOpJXm7DcQPfDGdEbrDci4Qwuw7bQGov--SGL21ryI2LzN9unTMMe2BfPEHtfrjI2oxEG5OIcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSc0ofR69Zf7FKe_h6toPocyxkAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEnQJP0Oxr3_PZiBQ9-85E_M2r871jDXzb-FzPkFUw-wH7ovJVcPDXnCTpwW76rx0j0c6nCWHdrhTgbBqH44S5_OxYWHPpL8QBhUkjpzLLyFJrNuHUd2XujpNh30fuy6-eRw6hcPZ2ValuVVYBI317P8Rb4Ddf2Wg2i5b3JVIDpQga0kmFjA1ifB--cGEzASopcBtLXeGv0lUn6f_NV_QOIGJuOq5LR31jAxcrTR3VxqiqLxCQE492miEwla-VNCapFiBXlozG6fJUcgxVallSI_JbmDDE3nUIWfqE0VVXQrHDZIQFdAAA6dTkDdQDgrbAgYJqL9sKK4KgY_jrsLz8OTyii3TOnrmsVbgBV8zb3v72K7Gp62rHl5SBwjKa-BrgBAGABteH9b_eiobi2AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYzZu604-NhAP6CwIIAYAMAeINEwi087rTj42EAxXvsFoFHSFmDBLQFQGAFwE%26num%3D1%26sig%3DAOD64_3lBkJ-JhrK5pWIPNAstjT_t-dPVw%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e5aa69fd3c341b04a38c879eb13dc28096b25f97cd06dee8f7894b51e5eb106c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
7566
expires
Fri, 03 Jan 2025 02:40:23 GMT
img
imageproxy.us.criteo.net/img/ Frame 6278 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?h=1200&m=0&partner=100785&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F100785%2F230221%2Fa1f1d9acee684a4c843e84bcacde2456_77.jpg&v=3&w=1200&rid=4&s=HvHB8EWGqjkGxZ34h2ydT93F
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAKYv4FWrDvAAxmIS7ZZhNCFmmQFUA21Q&u=%7Cd8YE7lp2MNkAJ83Uyt9hSEVmBa2y3F6ibLcen4buHAU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LdtDSzqldr-7lYUj77qimBqCoAjiNo78ZbcEAguNo_fjTn0aWnPOgc2fGMiBQVFTlT7ylCF_v60jQ8pVf9Wgz10Z7Y9zW86158gXjbfWCqo0CwnSmpVVa6rup5J0vjZv9YMDgS59058AW8UWMKpNiap0Sg8Qmaoh4Dt7fVNgJvA_Km-HPV591Ki9M8fcUezdKt3fKv1Qf_l_zULbYEgT3C3eQhzJxAyECrtfGr8zceg3MrlieoK06i8Mzq1apSWzatpIC1vIuKrBLyQ3ibYqqvEvDalTN0OFsnnDZtaaP8mV3p9eDHt3LjhwUa2atYN9zYX7R_i_ECRcw7S4zz-AXiJYT70ravv9UqSesLKDA8BAPzCR4LGrNZnyhg9n1tjGVex1e1CxwlI_7pS_zSC4yEmea3jf2FSWVa2kAaVVDxQQ9VasanENGucKtZYyApUVKq1K_EM8PNrdRrj9tNsx1tQBJeecqyikMNv4FQdcoXZ-k-nO8fH1LilKJDHrJnx9j-omoZa0L7eyYlOpJXm7DcQPfDGdEbrDci4Qwuw7bQGov--SGL21ryI2LzN9unTMMe2BfPEHtfrjI2oxEG5OIcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSc0ofR69Zf7FKe_h6toPocyxkAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEnQJP0Oxr3_PZiBQ9-85E_M2r871jDXzb-FzPkFUw-wH7ovJVcPDXnCTpwW76rx0j0c6nCWHdrhTgbBqH44S5_OxYWHPpL8QBhUkjpzLLyFJrNuHUd2XujpNh30fuy6-eRw6hcPZ2ValuVVYBI317P8Rb4Ddf2Wg2i5b3JVIDpQga0kmFjA1ifB--cGEzASopcBtLXeGv0lUn6f_NV_QOIGJuOq5LR31jAxcrTR3VxqiqLxCQE492miEwla-VNCapFiBXlozG6fJUcgxVallSI_JbmDDE3nUIWfqE0VVXQrHDZIQFdAAA6dTkDdQDgrbAgYJqL9sKK4KgY_jrsLz8OTyii3TOnrmsVbgBV8zb3v72K7Gp62rHl5SBwjKa-BrgBAGABteH9b_eiobi2AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYzZu604-NhAP6CwIIAYAMAeINEwi087rTj42EAxXvsFoFHSFmDBLQFQGAFwE%26num%3D1%26sig%3DAOD64_3lBkJ-JhrK5pWIPNAstjT_t-dPVw%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2c765616d0bb062058d466d27b37704e0478b15d3e0f35d1b4e32a2cccde8d2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
65476
expires
Sat, 28 Dec 2024 23:41:15 GMT
img
imageproxy.us.criteo.net/img/ Frame 6278 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Ffiles%2FRE-02-I000000001BA.jpg%3Fv%3D1704911077&v=3&w=400&rid=4&s=OiLxXr4jauktlxb4MEBX_N48&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAKYv4FWrDvAAxmIS7ZZhNCFmmQFUA21Q&u=%7Cd8YE7lp2MNkAJ83Uyt9hSEVmBa2y3F6ibLcen4buHAU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LdtDSzqldr-7lYUj77qimBqCoAjiNo78ZbcEAguNo_fjTn0aWnPOgc2fGMiBQVFTlT7ylCF_v60jQ8pVf9Wgz10Z7Y9zW86158gXjbfWCqo0CwnSmpVVa6rup5J0vjZv9YMDgS59058AW8UWMKpNiap0Sg8Qmaoh4Dt7fVNgJvA_Km-HPV591Ki9M8fcUezdKt3fKv1Qf_l_zULbYEgT3C3eQhzJxAyECrtfGr8zceg3MrlieoK06i8Mzq1apSWzatpIC1vIuKrBLyQ3ibYqqvEvDalTN0OFsnnDZtaaP8mV3p9eDHt3LjhwUa2atYN9zYX7R_i_ECRcw7S4zz-AXiJYT70ravv9UqSesLKDA8BAPzCR4LGrNZnyhg9n1tjGVex1e1CxwlI_7pS_zSC4yEmea3jf2FSWVa2kAaVVDxQQ9VasanENGucKtZYyApUVKq1K_EM8PNrdRrj9tNsx1tQBJeecqyikMNv4FQdcoXZ-k-nO8fH1LilKJDHrJnx9j-omoZa0L7eyYlOpJXm7DcQPfDGdEbrDci4Qwuw7bQGov--SGL21ryI2LzN9unTMMe2BfPEHtfrjI2oxEG5OIcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSc0ofR69Zf7FKe_h6toPocyxkAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEnQJP0Oxr3_PZiBQ9-85E_M2r871jDXzb-FzPkFUw-wH7ovJVcPDXnCTpwW76rx0j0c6nCWHdrhTgbBqH44S5_OxYWHPpL8QBhUkjpzLLyFJrNuHUd2XujpNh30fuy6-eRw6hcPZ2ValuVVYBI317P8Rb4Ddf2Wg2i5b3JVIDpQga0kmFjA1ifB--cGEzASopcBtLXeGv0lUn6f_NV_QOIGJuOq5LR31jAxcrTR3VxqiqLxCQE492miEwla-VNCapFiBXlozG6fJUcgxVallSI_JbmDDE3nUIWfqE0VVXQrHDZIQFdAAA6dTkDdQDgrbAgYJqL9sKK4KgY_jrsLz8OTyii3TOnrmsVbgBV8zb3v72K7Gp62rHl5SBwjKa-BrgBAGABteH9b_eiobi2AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYzZu604-NhAP6CwIIAYAMAeINEwi087rTj42EAxXvsFoFHSFmDBLQFQGAFwE%26num%3D1%26sig%3DAOD64_3lBkJ-JhrK5pWIPNAstjT_t-dPVw%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
adace4e09bd5c7096f2ebff170772d59178a6be1422ee74e67e4188b8e6b9668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
17452
expires
Thu, 23 Jan 2025 11:59:30 GMT
img
imageproxy.us.criteo.net/img/ Frame 6278 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Ffiles%2FMB-04-I000001AA.jpg%3Fv%3D1698162346&v=3&w=400&rid=4&s=Kz9FHKKNOUotblqgzXGWwMjf&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAKYv4FWrDvAAxmIS7ZZhNCFmmQFUA21Q&u=%7Cd8YE7lp2MNkAJ83Uyt9hSEVmBa2y3F6ibLcen4buHAU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LdtDSzqldr-7lYUj77qimBqCoAjiNo78ZbcEAguNo_fjTn0aWnPOgc2fGMiBQVFTlT7ylCF_v60jQ8pVf9Wgz10Z7Y9zW86158gXjbfWCqo0CwnSmpVVa6rup5J0vjZv9YMDgS59058AW8UWMKpNiap0Sg8Qmaoh4Dt7fVNgJvA_Km-HPV591Ki9M8fcUezdKt3fKv1Qf_l_zULbYEgT3C3eQhzJxAyECrtfGr8zceg3MrlieoK06i8Mzq1apSWzatpIC1vIuKrBLyQ3ibYqqvEvDalTN0OFsnnDZtaaP8mV3p9eDHt3LjhwUa2atYN9zYX7R_i_ECRcw7S4zz-AXiJYT70ravv9UqSesLKDA8BAPzCR4LGrNZnyhg9n1tjGVex1e1CxwlI_7pS_zSC4yEmea3jf2FSWVa2kAaVVDxQQ9VasanENGucKtZYyApUVKq1K_EM8PNrdRrj9tNsx1tQBJeecqyikMNv4FQdcoXZ-k-nO8fH1LilKJDHrJnx9j-omoZa0L7eyYlOpJXm7DcQPfDGdEbrDci4Qwuw7bQGov--SGL21ryI2LzN9unTMMe2BfPEHtfrjI2oxEG5OIcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSc0ofR69Zf7FKe_h6toPocyxkAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEnQJP0Oxr3_PZiBQ9-85E_M2r871jDXzb-FzPkFUw-wH7ovJVcPDXnCTpwW76rx0j0c6nCWHdrhTgbBqH44S5_OxYWHPpL8QBhUkjpzLLyFJrNuHUd2XujpNh30fuy6-eRw6hcPZ2ValuVVYBI317P8Rb4Ddf2Wg2i5b3JVIDpQga0kmFjA1ifB--cGEzASopcBtLXeGv0lUn6f_NV_QOIGJuOq5LR31jAxcrTR3VxqiqLxCQE492miEwla-VNCapFiBXlozG6fJUcgxVallSI_JbmDDE3nUIWfqE0VVXQrHDZIQFdAAA6dTkDdQDgrbAgYJqL9sKK4KgY_jrsLz8OTyii3TOnrmsVbgBV8zb3v72K7Gp62rHl5SBwjKa-BrgBAGABteH9b_eiobi2AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYzZu604-NhAP6CwIIAYAMAeINEwi087rTj42EAxXvsFoFHSFmDBLQFQGAFwE%26num%3D1%26sig%3DAOD64_3lBkJ-JhrK5pWIPNAstjT_t-dPVw%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f9e22db78aa03c8980912c119cc29ec9771133a1cd8aae89840c23dbc7fc5606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
10338
expires
Tue, 07 Jan 2025 01:59:23 GMT
img
imageproxy.us.criteo.net/img/ Frame 6278 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Ffiles%2FHO-06-I00000001BA.jpg%3Fv%3D1704910627&v=3&w=400&rid=4&s=WCL5D8UT0bDcyl159A5pKr1T&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAKYv4FWrDvAAxmIS7ZZhNCFmmQFUA21Q&u=%7Cd8YE7lp2MNkAJ83Uyt9hSEVmBa2y3F6ibLcen4buHAU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LdtDSzqldr-7lYUj77qimBqCoAjiNo78ZbcEAguNo_fjTn0aWnPOgc2fGMiBQVFTlT7ylCF_v60jQ8pVf9Wgz10Z7Y9zW86158gXjbfWCqo0CwnSmpVVa6rup5J0vjZv9YMDgS59058AW8UWMKpNiap0Sg8Qmaoh4Dt7fVNgJvA_Km-HPV591Ki9M8fcUezdKt3fKv1Qf_l_zULbYEgT3C3eQhzJxAyECrtfGr8zceg3MrlieoK06i8Mzq1apSWzatpIC1vIuKrBLyQ3ibYqqvEvDalTN0OFsnnDZtaaP8mV3p9eDHt3LjhwUa2atYN9zYX7R_i_ECRcw7S4zz-AXiJYT70ravv9UqSesLKDA8BAPzCR4LGrNZnyhg9n1tjGVex1e1CxwlI_7pS_zSC4yEmea3jf2FSWVa2kAaVVDxQQ9VasanENGucKtZYyApUVKq1K_EM8PNrdRrj9tNsx1tQBJeecqyikMNv4FQdcoXZ-k-nO8fH1LilKJDHrJnx9j-omoZa0L7eyYlOpJXm7DcQPfDGdEbrDci4Qwuw7bQGov--SGL21ryI2LzN9unTMMe2BfPEHtfrjI2oxEG5OIcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSc0ofR69Zf7FKe_h6toPocyxkAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEnQJP0Oxr3_PZiBQ9-85E_M2r871jDXzb-FzPkFUw-wH7ovJVcPDXnCTpwW76rx0j0c6nCWHdrhTgbBqH44S5_OxYWHPpL8QBhUkjpzLLyFJrNuHUd2XujpNh30fuy6-eRw6hcPZ2ValuVVYBI317P8Rb4Ddf2Wg2i5b3JVIDpQga0kmFjA1ifB--cGEzASopcBtLXeGv0lUn6f_NV_QOIGJuOq5LR31jAxcrTR3VxqiqLxCQE492miEwla-VNCapFiBXlozG6fJUcgxVallSI_JbmDDE3nUIWfqE0VVXQrHDZIQFdAAA6dTkDdQDgrbAgYJqL9sKK4KgY_jrsLz8OTyii3TOnrmsVbgBV8zb3v72K7Gp62rHl5SBwjKa-BrgBAGABteH9b_eiobi2AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYzZu604-NhAP6CwIIAYAMAeINEwi087rTj42EAxXvsFoFHSFmDBLQFQGAFwE%26num%3D1%26sig%3DAOD64_3lBkJ-JhrK5pWIPNAstjT_t-dPVw%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
955b9fbfeb7198dc28f0c7063877ee7b4902dd93253c6e3669764935de9c27c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
10462
expires
Mon, 13 Jan 2025 07:31:07 GMT
all
csm.us.criteo.net/ Frame 6278 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=sVbj3p3FUcIwQf9fjR1o9KupmdTcuoVIPn9p8pa48qBQ68iigXGTEQDRfMDEI12jRRDEk1Ld_Yx5Hqak5mSkoeyszAy634tTnsy7cu3KbEr_DzeWSbsOb7UeuG1ngpdg0mK6O6M-2qIsmGJaDZcUcmsXTnairiOJJCHYA6lPy5_4YD5gL574LUkh_HJqwjXB1yNb04Yp0JItaYtiRFnfXY4JAUz7vlDJJQ0FkxGTBC6ISEBvIAwK2VBvwTb2yqCBPJwEcNr-eoYdrRBV&sds=2&rev=90469&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAKYv4FWrDvAAxmIS7ZZhNCFmmQFUA21Q&u=%7Cd8YE7lp2MNkAJ83Uyt9hSEVmBa2y3F6ibLcen4buHAU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LdtDSzqldr-7lYUj77qimBqCoAjiNo78ZbcEAguNo_fjTn0aWnPOgc2fGMiBQVFTlT7ylCF_v60jQ8pVf9Wgz10Z7Y9zW86158gXjbfWCqo0CwnSmpVVa6rup5J0vjZv9YMDgS59058AW8UWMKpNiap0Sg8Qmaoh4Dt7fVNgJvA_Km-HPV591Ki9M8fcUezdKt3fKv1Qf_l_zULbYEgT3C3eQhzJxAyECrtfGr8zceg3MrlieoK06i8Mzq1apSWzatpIC1vIuKrBLyQ3ibYqqvEvDalTN0OFsnnDZtaaP8mV3p9eDHt3LjhwUa2atYN9zYX7R_i_ECRcw7S4zz-AXiJYT70ravv9UqSesLKDA8BAPzCR4LGrNZnyhg9n1tjGVex1e1CxwlI_7pS_zSC4yEmea3jf2FSWVa2kAaVVDxQQ9VasanENGucKtZYyApUVKq1K_EM8PNrdRrj9tNsx1tQBJeecqyikMNv4FQdcoXZ-k-nO8fH1LilKJDHrJnx9j-omoZa0L7eyYlOpJXm7DcQPfDGdEbrDci4Qwuw7bQGov--SGL21ryI2LzN9unTMMe2BfPEHtfrjI2oxEG5OIcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSc0ofR69Zf7FKe_h6toPocyxkAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEnQJP0Oxr3_PZiBQ9-85E_M2r871jDXzb-FzPkFUw-wH7ovJVcPDXnCTpwW76rx0j0c6nCWHdrhTgbBqH44S5_OxYWHPpL8QBhUkjpzLLyFJrNuHUd2XujpNh30fuy6-eRw6hcPZ2ValuVVYBI317P8Rb4Ddf2Wg2i5b3JVIDpQga0kmFjA1ifB--cGEzASopcBtLXeGv0lUn6f_NV_QOIGJuOq5LR31jAxcrTR3VxqiqLxCQE492miEwla-VNCapFiBXlozG6fJUcgxVallSI_JbmDDE3nUIWfqE0VVXQrHDZIQFdAAA6dTkDdQDgrbAgYJqL9sKK4KgY_jrsLz8OTyii3TOnrmsVbgBV8zb3v72K7Gp62rHl5SBwjKa-BrgBAGABteH9b_eiobi2AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYzZu604-NhAP6CwIIAYAMAeINEwi087rTj42EAxXvsFoFHSFmDBLQFQGAFwE%26num%3D1%26sig%3DAOD64_3lBkJ-JhrK5pWIPNAstjT_t-dPVw%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6278 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAKYv4FWrDvAAxmIS7ZZhNCFmmQFUA21Q&u=%7Cd8YE7lp2MNkAJ83Uyt9hSEVmBa2y3F6ibLcen4buHAU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LdtDSzqldr-7lYUj77qimBqCoAjiNo78ZbcEAguNo_fjTn0aWnPOgc2fGMiBQVFTlT7ylCF_v60jQ8pVf9Wgz10Z7Y9zW86158gXjbfWCqo0CwnSmpVVa6rup5J0vjZv9YMDgS59058AW8UWMKpNiap0Sg8Qmaoh4Dt7fVNgJvA_Km-HPV591Ki9M8fcUezdKt3fKv1Qf_l_zULbYEgT3C3eQhzJxAyECrtfGr8zceg3MrlieoK06i8Mzq1apSWzatpIC1vIuKrBLyQ3ibYqqvEvDalTN0OFsnnDZtaaP8mV3p9eDHt3LjhwUa2atYN9zYX7R_i_ECRcw7S4zz-AXiJYT70ravv9UqSesLKDA8BAPzCR4LGrNZnyhg9n1tjGVex1e1CxwlI_7pS_zSC4yEmea3jf2FSWVa2kAaVVDxQQ9VasanENGucKtZYyApUVKq1K_EM8PNrdRrj9tNsx1tQBJeecqyikMNv4FQdcoXZ-k-nO8fH1LilKJDHrJnx9j-omoZa0L7eyYlOpJXm7DcQPfDGdEbrDci4Qwuw7bQGov--SGL21ryI2LzN9unTMMe2BfPEHtfrjI2oxEG5OIcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSc0ofR69Zf7FKe_h6toPocyxkAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEnQJP0Oxr3_PZiBQ9-85E_M2r871jDXzb-FzPkFUw-wH7ovJVcPDXnCTpwW76rx0j0c6nCWHdrhTgbBqH44S5_OxYWHPpL8QBhUkjpzLLyFJrNuHUd2XujpNh30fuy6-eRw6hcPZ2ValuVVYBI317P8Rb4Ddf2Wg2i5b3JVIDpQga0kmFjA1ifB--cGEzASopcBtLXeGv0lUn6f_NV_QOIGJuOq5LR31jAxcrTR3VxqiqLxCQE492miEwla-VNCapFiBXlozG6fJUcgxVallSI_JbmDDE3nUIWfqE0VVXQrHDZIQFdAAA6dTkDdQDgrbAgYJqL9sKK4KgY_jrsLz8OTyii3TOnrmsVbgBV8zb3v72K7Gp62rHl5SBwjKa-BrgBAGABteH9b_eiobi2AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYzZu604-NhAP6CwIIAYAMAeINEwi087rTj42EAxXvsFoFHSFmDBLQFQGAFwE%26num%3D1%26sig%3DAOD64_3lBkJ-JhrK5pWIPNAstjT_t-dPVw%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 27 Jan 2025 16:55:26 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 6278 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAKYv4FWrDvAAxmIS7ZZhNCFmmQFUA21Q&u=%7Cd8YE7lp2MNkAJ83Uyt9hSEVmBa2y3F6ibLcen4buHAU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LdtDSzqldr-7lYUj77qimBqCoAjiNo78ZbcEAguNo_fjTn0aWnPOgc2fGMiBQVFTlT7ylCF_v60jQ8pVf9Wgz10Z7Y9zW86158gXjbfWCqo0CwnSmpVVa6rup5J0vjZv9YMDgS59058AW8UWMKpNiap0Sg8Qmaoh4Dt7fVNgJvA_Km-HPV591Ki9M8fcUezdKt3fKv1Qf_l_zULbYEgT3C3eQhzJxAyECrtfGr8zceg3MrlieoK06i8Mzq1apSWzatpIC1vIuKrBLyQ3ibYqqvEvDalTN0OFsnnDZtaaP8mV3p9eDHt3LjhwUa2atYN9zYX7R_i_ECRcw7S4zz-AXiJYT70ravv9UqSesLKDA8BAPzCR4LGrNZnyhg9n1tjGVex1e1CxwlI_7pS_zSC4yEmea3jf2FSWVa2kAaVVDxQQ9VasanENGucKtZYyApUVKq1K_EM8PNrdRrj9tNsx1tQBJeecqyikMNv4FQdcoXZ-k-nO8fH1LilKJDHrJnx9j-omoZa0L7eyYlOpJXm7DcQPfDGdEbrDci4Qwuw7bQGov--SGL21ryI2LzN9unTMMe2BfPEHtfrjI2oxEG5OIcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSc0ofR69Zf7FKe_h6toPocyxkAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEnQJP0Oxr3_PZiBQ9-85E_M2r871jDXzb-FzPkFUw-wH7ovJVcPDXnCTpwW76rx0j0c6nCWHdrhTgbBqH44S5_OxYWHPpL8QBhUkjpzLLyFJrNuHUd2XujpNh30fuy6-eRw6hcPZ2ValuVVYBI317P8Rb4Ddf2Wg2i5b3JVIDpQga0kmFjA1ifB--cGEzASopcBtLXeGv0lUn6f_NV_QOIGJuOq5LR31jAxcrTR3VxqiqLxCQE492miEwla-VNCapFiBXlozG6fJUcgxVallSI_JbmDDE3nUIWfqE0VVXQrHDZIQFdAAA6dTkDdQDgrbAgYJqL9sKK4KgY_jrsLz8OTyii3TOnrmsVbgBV8zb3v72K7Gp62rHl5SBwjKa-BrgBAGABteH9b_eiobi2AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYzZu604-NhAP6CwIIAYAMAeINEwi087rTj42EAxXvsFoFHSFmDBLQFQGAFwE%26num%3D1%26sig%3DAOD64_3lBkJ-JhrK5pWIPNAstjT_t-dPVw%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 27 Jan 2025 16:55:26 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3C82 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_X8p7PJQEU6JyjPwT0JOFV4BcZwLcWQjGnvnqt6iY3gGeZMCKJQDF4JJ2n4Fh25zde85ltjOOY_BU1aO6S4sakJ6uEKkyJf9h3KbOoI1RgV7tTzbEhtbsfQh03pCyhkD48DMYo87KOmEHwj8Kp8fga9YD&sig=Cg0ArKJSzLVZ8kOBsDlBEAE&id=lidar2&mcvt=1038&p=1002,0,1252,300&mtos=1038,1038,1038,1038,1038&tos=1038,0,0,0,0&v=20240131&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2063569840&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=282572400&rst=1706892924644&rpt=682&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A685 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C5fobfR69Zf7FKe_h6toPocyxkAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmgJP0Oxr3_PZiBQ9-85E_M2r871jDXzb-FzPkFUw-wH7ovJVcPDXnCTpwW76rx0j0c6nCWHdrhTgbBqH44S5_OxYWHPpL8QBhUkjpzLLyFJrNuHUd2XujpNh30fuy6-eRw6hcPZ2ValuVVYBI317P8Rb4Ddf2Wg2i5b3JVIDpQga0kmFjA1ifB--cGEzASopcBtLXeGv0lUn6f_NV_QOIGJuOq5LR31jAxcrTR3VxqiqLxCQE492miEwla-VNCapFiBXlozG6fJUcgxVallSI_JbmDDE3nUIWfqE0VVXQrHDZIQFdAAA6dTkDdQDgrbAgYJqL9sKK8CiQ2otDVeGsNedX_j3eR0dWpAIedQfRQ2MongX9UbfFlAV-9XgBAGABteH9b_eiobi2AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYzZu604-NhAOACgH6CwIIAYAMAeINEwi087rTj42EAxXvsFoFHSFmDBLQFQGAFwGyFxwKGhIUcHViLTU5MDAzMjcxMjE4NTQ3MzUYlK0c&sigh=9LB4gD9N-dQ&uach_m=%5BUACH%5D&cid=CAQSTQAvHhf_PskFKznk4FrnIfiq6JDSZmbPnU7mAdjKAaFGFUHS5scplH6-d5qxy6sx39GhT6XKmuX3X98nbQbeRN4GA0NC3hviHJJEU_5BGAE&cbvp=2&vis=1
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
notify
rtb.va.us.criteo.com/google/auction/ Frame A685 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kuHSFaW6MHjYBOIinRcCAAAAI08GOxpBoMlJ9H-rEHwevWX_EfwDjWltyEBZAAASAAAKCkFRVUJDZ0VCQ2c&wp=Zb0efQAKYv4FWrDvAAxmIS7ZZhNCFmmQFUA21Q&cbvp=2
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:25 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
134380
server
Kestrel
content-length
0
v1.1.html
cdn.izooto.com/newshub/widgets/2/ 		97 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/newshub/widgets/2/v1.1.html
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46c82f5a01bae64f72f59003f7fbb4122724c7616016c44a7869457ff27b07ea
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 20 Oct 2023 06:54:24 GMT
server
cloudflare
age
140207
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
84f3f636d9ac6aee-BUF
x-xss-protection
1; mode=block
expires
Mon, 04 Mar 2024 16:55:26 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C48B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmqQhgfNRp7rEsXZuwsSqUau9Hfz6vSbof3rqxXjfOIKIbYntTKgYh2ejc7eUqRRAUZaDr88G8_56kxylfQPLqDmGY9pNOptgPPP3UE0BPtxSAt3DE8p1P8JHXTCL86_M&sig=Cg0ArKJSzCbrt3qQuZa3EAE&id=lidar2&mcvt=1000&p=888,252,1138,552&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2571400492&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=282572500&rst=1706892925338&rpt=142&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
s.acexedge.com/2/tm75/ Frame B448 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.acexedge.com/2/tm75/analytics.js?pp=44337&si=672669&di=www.btolat.com&ac=727394&pc=2643516&ai=4118350305&dm=15&ti=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1&ui=&cb=-2194766152732602051&sr=24042&c2=3&r6=78f9e578429239ea38bde0dc6b11bd00&dt=2926111444050714666007&md=DISPLAY&account_id=461365&ap=
Requested by
Host: playtime.tubemogul.com
URL: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20231031.js?auction_id=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.23.212.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-212-13.compute-1.amazonaws.com
Software
/
Resource Hash
4ac4a6f24597e0c54ea470d7d72885058016eb8e58e9e2e3b94882adc0a18619
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Feb 2024 16:55:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin
*
Content-Length
2771
Expires
0
/
servedby.flashtalking.com/imp/8/222396;8060576;201;js;AdobeAdCloud;OfficeHoursStatic728x90New8thJan/ Frame D53A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/8/222396;8060576;201;js;AdobeAdCloud;OfficeHoursStatic728x90New8thJan/?ftx=&fty=&ftadz=&ftscw=&AdobeAMO=ef_id%3D%3A20240202115526%3Ad%26s_kwcid%3DAC!W7uJ0ub3JbEPGESXEk9f!4JlDTeb7owADca9yZoOE&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=about%3Ablank&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1&cachebuster=74094.15158247002
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.1.197.91 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-197-91.deploy.static.akamaitechnologies.com
Software
prod-xre-app21.ash11 /
Resource Hash
642584db0078109f64eea4c2373a14252efe1015b1c649eaa2451798fc539a9d
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Feb 2024 16:55:26 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app21.ash11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
940
Expires
Fri, 02 Feb 2024 16:55:26 GMT
firstevent
viasat.demdex.net/ Frame B448
Redirect Chain
  • https://viasat.demdex.net/event?d_event=imp&d_src=1174107&d_site=672669&d_creative=4118350305&d_placement=2643516&d_campaign=727394
  • https://viasat.demdex.net/firstevent?d_event=imp&d_src=1174107&d_site=672669&d_creative=4118350305&d_placement=2643516&d_campaign=727394
42 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://viasat.demdex.net/firstevent?d_event=imp&d_src=1174107&d_site=672669&d_creative=4118350305&d_placement=2643516&d_campaign=727394
Protocol
H2
Server
34.201.247.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-247-102.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-00949e323.edge-va6.demdex.com 6 ms
pragma
no-cache
date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
4Z6jiKYYTo0=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-va6-1-v053-08cf493c1.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
0KtfR9qMSXM=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://viasat.demdex.net/firstevent?d_event=imp&d_src=1174107&d_site=672669&d_creative=4118350305&d_placement=2643516&d_campaign=727394
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
PYUnd1ve
rtd-tm.everesttech.net/ct/upi/extseg/pid/ Frame B448
Redirect Chain
  • https://pixel.quantserve.com/seg/r;a=p-T1mksRPv1rGRh;rand=-2194766152732602051;redirecturl=https%3A%2F%2Frtd-tm.everesttech.net%2Fupi%2Fextseg%2Fpid%2FPYUnd1ve%3Fsid%3D!qcsegs
  • https://rtd-tm.everesttech.net/upi/extseg/pid/PYUnd1ve?sid=D
  • https://rtd-tm.everesttech.net/ct/upi/extseg/pid/PYUnd1ve?sid=D&_test=Zb0efgADG5EzbQBI
0
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtd-tm.everesttech.net/ct/upi/extseg/pid/PYUnd1ve?sid=D&_test=Zb0efgADG5EzbQBI
Protocol
H2
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by
cache-yyz4533-YYZ
pragma
no-cache
date
Fri, 02 Feb 2024 16:55:26 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1706892927.607932,VS0,VE21
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

x-served-by
cache-yyz4533-YYZ
pragma
no-cache
date
Fri, 02 Feb 2024 16:55:26 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1706892927.560519,VS0,VE21
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://rtd-tm.everesttech.net/ct/upi/extseg/pid/PYUnd1ve?sid=D&_test=Zb0efgADG5EzbQBI
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
p-T1mksRPv1rGRh.gif
pixel.quantserve.com/pixel/ Frame B448 		35 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-T1mksRPv1rGRh.gif
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:26 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame B448 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=1811&tp=TBMG&tpid=&gdpr=0&gdpr_consent=
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.240.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-240-47.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:26 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.9.213
content-length
49
expires
0
renderstart
statsf-tm.everesttech.net/stats/1/ Frame B448 		85 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/renderstart?mpKey=btXxJqnWClDtkAjBpZEd&psId=FF0GVbl5sGqQAJ8S3ijY&PG=F&vinst=t&didtype=UNK&seller_id=24042&env=site&s=H4sIAAAAAAAAAAEQAe_-WCpuWizHFFlGJOUc3Si7_B05ez3ZdNHzQTBj3ZuA0yM43SzjTcj6iOfeuHzWLK_nEvXvZF1zb9u52A8iY_BvZt7hp7C1yjQ32TpXDwoUPdj58Dyoz2u04Z8MQzud7cnCkTxUqy97-Cj9TM1G3agqo6omqgDcSw6-YvDwMV25bDf8o2pFSrCk9Y9nlbGJ5KjSQ7DTrRizirXVK-iiYwgdMSkvZZZw5riPCr1gn2-eE_ReSfx3Xf6BCX9VJwuU4lP72h7LPgJsr04x9q-b3KYU5UbPJflQTunPdWWaT--XNJ0137jFB14Jr1vOIF56cIyYBD2W3_lYMRJab3sDkZl-iWbwzAAF3Rt5tyijscWO_Rk6CxBIEAEAAA&bi=B094GTOupeOLk4jU6hJcZ_N_MPSEEivIi4r8aFK8G537BSNFOnt7X11ueeES97xGhTToIBkFhNZ0HHAG7NE9fZyumKnTqFmLx6sNh1fss2nlYbq0yrveR2Fidr14nhGdD6q70h9jeqABFPB8n37T9T71kq5J5RjaWKOlBC36VyJeklFNhovlesPfLBet3A2wplUmRQ9FJqeji_9k2Zl4Wdg1M2NOZCw75vn5pAf_j6RAGvBIZOF3EjJrT30_kQ4MZmz&rt=HTML5&auth=b0bf7866a7698f4570a02599701dd8e8&cpKey=4JlDTeb7owADca9yZoOE&sessId=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1&price=&adKey=W7uJ0ub3JbEPGESXEk9f&date=1706892926114&conn=unknown&did=&burl=about%3Ablank&rurl=https%3A%2F%2Fwww.btolat.com&astv=20230731&apv=B20231031
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 02 Feb 2024 16:55:26 GMT
via
1.1 varnish
x-pt
P=378
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region
North-America
content-length
85
x-served-by
cache-yyz4555-YYZ
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Fri, 2 Feb 2024 16:55:26 UTC
rendercomplete
statsf-tm.everesttech.net/stats/1/ Frame B448 		85 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/rendercomplete?mpKey=btXxJqnWClDtkAjBpZEd&psId=FF0GVbl5sGqQAJ8S3ijY&PG=F&vinst=t&didtype=UNK&seller_id=24042&env=site&s=H4sIAAAAAAAAAAEQAe_-WCpuWizHFFlGJOUc3Si7_B05ez3ZdNHzQTBj3ZuA0yM43SzjTcj6iOfeuHzWLK_nEvXvZF1zb9u52A8iY_BvZt7hp7C1yjQ32TpXDwoUPdj58Dyoz2u04Z8MQzud7cnCkTxUqy97-Cj9TM1G3agqo6omqgDcSw6-YvDwMV25bDf8o2pFSrCk9Y9nlbGJ5KjSQ7DTrRizirXVK-iiYwgdMSkvZZZw5riPCr1gn2-eE_ReSfx3Xf6BCX9VJwuU4lP72h7LPgJsr04x9q-b3KYU5UbPJflQTunPdWWaT--XNJ0137jFB14Jr1vOIF56cIyYBD2W3_lYMRJab3sDkZl-iWbwzAAF3Rt5tyijscWO_Rk6CxBIEAEAAA&bi=B094GTOupeOLk4jU6hJcZ_N_MPSEEivIi4r8aFK8G537BSNFOnt7X11ueeES97xGhTToIBkFhNZ0HHAG7NE9fZyumKnTqFmLx6sNh1fss2nlYbq0yrveR2Fidr14nhGdD6q70h9jeqABFPB8n37T9T71kq5J5RjaWKOlBC36VyJeklFNhovlesPfLBet3A2wplUmRQ9FJqeji_9k2Zl4Wdg1M2NOZCw75vn5pAf_j6RAGvBIZOF3EjJrT30_kQ4MZmz&rt=HTML5&auth=b0bf7866a7698f4570a02599701dd8e8&cpKey=4JlDTeb7owADca9yZoOE&sessId=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1&price=&adKey=W7uJ0ub3JbEPGESXEk9f&date=1706892926114&conn=unknown&did=&burl=about%3Ablank&rurl=https%3A%2F%2Fwww.btolat.com&astv=20230731&apv=B20231031
Requested by
Host: www.btolat.com
URL: https://www.btolat.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 02 Feb 2024 16:55:26 GMT
via
1.1 varnish
x-pt
P=310
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region
North-America
content-length
85
x-served-by
cache-yyz4555-YYZ
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Fri, 2 Feb 2024 16:55:26 UTC
aac_viewability-ab8b7a.js
playtime.tubemogul.com/ud/prod/pullins/ Frame B448 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playtime.tubemogul.com/ud/prod/pullins/aac_viewability-ab8b7a.js
Requested by
Host: playtime.tubemogul.com
URL: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20231031.js?auction_id=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.64 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79B4) /
Resource Hash
0a935bcb26d17b1f20321b7c5e101597e8288c386b3e007778b5675a3fd032ef

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
last-modified
Tue, 11 Feb 2020 01:39:46 GMT
server
ECAcc (nya/79B4)
age
54163
etag
"1983306799"
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
13877
expires
Sat, 03 Feb 2024 16:55:26 GMT
radApi
edge.udmserve.net/ 		20 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.udmserve.net/radApi
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.120 , United States, ASN46562 (PERFORMIVE, US),
Reverse DNS
underdogmedia.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 02 Feb 2024 16:55:26 GMT
Content-Length
20
Content-Type
application/json
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401290101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dbe40f03a995c1b1006981f2208e8724282149fec7fa3108bc30e7c0283cdc4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12141
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 02 Feb 2024 16:55:27 GMT
ftUtils.js
ajs-assets.ftstatic.com/ Frame D53A 		86 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajs-assets.ftstatic.com/ftUtils.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/8/222396;8060576;201;js;AdobeAdCloud;OfficeHoursStatic728x90New8thJan/?ftx=&fty=&ftadz=&ftscw=&AdobeAMO=ef_id%3D%3A20240202115526%3Ad%26s_kwcid%3DAC!W7uJ0ub3JbEPGESXEk9f!4JlDTeb7owADca9yZoOE&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=about%3Ablank&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1&cachebuster=74094.15158247002
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.142 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-142.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
cbbabf32ca01dbb0beda9a574acb9602fc4728afff9b9eb5a51aa92b0a889981

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 16:55:26 GMT
Content-Encoding
gzip
Akamai-Cache-Status
Miss from child
x-amz-request-id
5JFDD2ZK5CHRPWX6
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
26343
x-amz-id-2
QhqDBSyz0qeOgMeobsDtRq22rphzBA41rYOz+tjT7iqqIsPFtd44M8NWd53N5G52Dej5fRkTpSM=
Last-Modified
Wed, 24 Jan 2024 14:32:35 GMT
Server
AmazonS3
ETag
W/"72851d1caa0fb39691fdc257bcee7227"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary
Accept-Encoding, Accept-Encoding
Cache-Control
max-age=86400
X-Varnish
909113492 887287586
Accept-Ranges
bytes
Expires
Sat, 03 Feb 2024 16:55:26 GMT
postback
s.acexedge.com/2/2.118.0/tm75/AoeyvXoEBaEqHZE3/ Frame B448 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.acexedge.com/2/2.118.0/tm75/AoeyvXoEBaEqHZE3/postback?oz_pl=1&si=672669&ac=727394&dm=15&ti=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1&dt=2926111444050714666007&pp=44337&pc=2643516&sr=24042&md=DISPLAY&account_id=461365&ap=&ci=tm75&ai=4118350305&ui=&cb=-2194766152732602051&c2=3&r6=78f9e578429239ea38bde0dc6b11bd00&di=www.btolat.com&psv=2.118.0&_x=1
Requested by
Host: s.acexedge.com
URL: https://s.acexedge.com/2/tm75/analytics.js?pp=44337&si=672669&di=www.btolat.com&ac=727394&pc=2643516&ai=4118350305&dm=15&ti=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1&ui=&cb=-2194766152732602051&sr=24042&c2=3&r6=78f9e578429239ea38bde0dc6b11bd00&dt=2926111444050714666007&md=DISPLAY&account_id=461365&ap=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.23.212.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-212-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 02 Feb 2024 16:55:25 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.acexedge.com/2/2.118.0/ Frame B448 		143 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.acexedge.com/2/2.118.0/main.js
Requested by
Host: s.acexedge.com
URL: https://s.acexedge.com/2/tm75/analytics.js?pp=44337&si=672669&di=www.btolat.com&ac=727394&pc=2643516&ai=4118350305&dm=15&ti=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1&ui=&cb=-2194766152732602051&sr=24042&c2=3&r6=78f9e578429239ea38bde0dc6b11bd00&dt=2926111444050714666007&md=DISPLAY&account_id=461365&ap=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.23.212.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-212-13.compute-1.amazonaws.com
Software
/
Resource Hash
92808cb8119ca72ac647affe1d65e04bc4c2e68130868e0e3f719f7caa13ac9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 16:55:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin
*
Content-Length
46194
Expires
Mon, 11 Oct 2055 17:04:07 GMT
all
csm.us.criteo.net/ Frame 7EC0 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=tN_Jq53FUcIwQf9fnsfUfzv3YTH3z5MM4mkJzoCQtksMEyT4623FdTbMszDRNciAJ7qOJo5GppLJLDJdQrAEeELV7elA2QoDDmy6xGndlipum6PYcJNQtSjkbS-krXsh518LUhAh5koX5SqBSpyURzCEGvWbEZmbJaQZ5ia9kmhRYKO_eWRQ2Q2rd9zhsnZNdt00IFmZLWl6eQAAAkXrVlMLlGcjd5XYdUQeexmaBnpSPpXM8-L_fZs7c45P-EKxmRS5Gw&sds=2&rev=90469&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efAANAUEFWoYcAA7wsW1m_oHqwcMGgtigAQ&u=%7C2DliGE4qZnB0Dc1oAEcUsmO42ZU0108ZchOVuhnAkTI%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD8D9AQ63AfxCIE401V9TZd3n_uGbOG46qMiIm2XZ43HT4VYiyE8vlFD4Xojq42tDmnr26Rs9DX_Fpv1QEN85sVOb1RUjRiSJ_OFTq16O0MLiovQsMnGHF70bXt9pepsidzv8wuZYYSX3Ql6gPN__aHMfxdFcIKlDUiloi6J_hqUE5fH-h25LJuKnUY1DJj8QD4z4ha3vkbVvbhvNGcmorryW155cGEjKyZh3LTAIFuzKUGX2J29ZSYPRvA3yg8LY0egx2yMA9bBas5KudjLEsyqMXR3wpeDQ0e9Nq6ooBLzQQoCTFjRKUI5mFnhZA0Q9UU2P7R35Crw0F26qgQbSGIFDGZ4YqBTOfUfdnUXQSLrQ3WbaX864nGkH98k8tC35L8lf-kVU90JL9i0p7VPIcUTce79Af7bc8QVAOYUn4PFfah2b-w-IhaQWRcb77460X2aNwEvzJ9EGfM_O5HYIDpD0RRI0hMNYG3nxGt1BIbBbNIMDN0N4zPNU4QI2mg51__sof4B2yBYwSX6FkJg2R71RdQ5e8mekmSTXzrHH4OEEL1_dEc-fmBih9_i-SUUsm8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFi-cfB69ZcGCNJyM6toPseG7uAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0BTGTkBb0a5LL7jrFSncjeQw0rOJa1r0bsfYo05t1oY0d5G0PKyym6LbpvKCa4UhyypUMdmBbCZuWeLlNGah2JSsWcQh6JKmZ1rz206EhkqBtGzlT_bOGjWp-1hf6DtQa8vcpXCFHxjgN7nWGRs-Cy6dWUs_KCvWR0xvtj487Am0brrH3lzcAyxtAX1A9qHVWN1igFVeejij1tAiuKuMTZraHjDOijXJXY3A33jL3bmDgUESVaGQvt-kxaO4hljkrlu8NmqNd0anIK16nl_Ktv6WiXx-uB0ZhdVggmlL_g1gOUoAo3roa5U31Z48787B8AEZBXbQX6hqfHVnAq7gty870pZvkjnEaslOJxekMdCu-M_OtXkTQOAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliKj7rTj42EA_oLAggBgAwB4g0TCJK-utOPjYQDFRyGWgUdsfAOF9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1kvV5fBuBvKUsy8Zak3UO6xvJsyQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
latest.json
nh.iz.do/nh/e33a2420443e20bfa49b78c813eaacc658f872b9/ 		838 B
596 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nh.iz.do/nh/e33a2420443e20bfa49b78c813eaacc658f872b9/latest.json
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3763 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5942eefe94f05d709e07d3370bcc6f18e29d455239ebec6f820a4a308b6cbfba
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 02 Feb 2024 16:55:27 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 02 Feb 2024 16:31:57 GMT
server
cloudflare
etag
W/"65bd18fd-346"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=1200
cf-ray
84f3f63919f54bcc-BUF
x-xss-protection
1; mode=block
expires
Fri, 02 Feb 2024 17:15:27 GMT
postback
s.acexedge.com/2/2.118.0/tm75/AoeyvXoEBaEqHZE3/ Frame B448 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.acexedge.com/2/2.118.0/tm75/AoeyvXoEBaEqHZE3/postback?oz_pl=1&si=672669&ac=727394&dm=15&ti=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1&dt=2926111444050714666007&pp=44337&pc=2643516&sr=24042&md=DISPLAY&account_id=461365&ap=&ci=tm75&ai=4118350305&ui=&cb=-2194766152732602051&c2=3&r6=78f9e578429239ea38bde0dc6b11bd00&di=www.btolat.com&psv=2.118.0&_x=1
Requested by
Host: s.acexedge.com
URL: https://s.acexedge.com/2/tm75/analytics.js?pp=44337&si=672669&di=www.btolat.com&ac=727394&pc=2643516&ai=4118350305&dm=15&ti=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1&ui=&cb=-2194766152732602051&sr=24042&c2=3&r6=78f9e578429239ea38bde0dc6b11bd00&dt=2926111444050714666007&md=DISPLAY&account_id=461365&ap=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.23.212.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-212-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 02 Feb 2024 16:55:25 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.acexedge.com/2/2.118.0/tm75/AoeyvXoEBaEqHZE3/ Frame B448 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.acexedge.com/2/2.118.0/tm75/AoeyvXoEBaEqHZE3/postback?si=672669&ac=727394&dm=15&ti=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1&dt=2926111444050714666007&pp=44337&pc=2643516&sr=24042&md=DISPLAY&account_id=461365&ap=&ci=tm75&ai=4118350305&ui=&cb=-2194766152732602051&c2=3&r6=78f9e578429239ea38bde0dc6b11bd00&di=www.btolat.com&sid=AoeyvXoEBaEqHZE3&oz_sc=a1d411d40ed01af457a73d82&oz_df=1706892926811&oz_l=3321&cv=3
Requested by
Host: s.acexedge.com
URL: https://s.acexedge.com/2/2.118.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.23.212.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-212-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 02 Feb 2024 16:55:26 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
container.html
19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EA23 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.btolat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 16:55:24 GMT
expires
Sat, 01 Feb 2025 16:55:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
afr.php
ads.us.criteo.com/delivery/r/ Frame 4684 		237 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7d92cdab826eaf9fdae90a61cf8bf1048ece8e2515ed7388513180c78d408f5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 16:55:26 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=5BP_Hp3FUcIwQf9feeKNMGaCO3a6Z8Fl_i226qBEn-oyZaymJ3kIkC8lt6NPTa1_brlL0EDdr0M1TCZ8RCVL0cmp0ChRmSzmMrIYdWszh6DoH5qfIUU3P-h-e7vghKC9QuyJH4gsnS3hGDkrTeJAKCxrjNp7OwZpZiZCCIJkJWU_6dCAj1s4sXlogrWNKOwaLkUCpWn8LLt81Ls2G-QhB3_K2cLIxx2UnAFdlc5Wdj0Zc26dzpE8ad0FdEDJ_FtBPdP_Zg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
100920913
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame EA23 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/window_focus_fy2021.js
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 23:24:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
63062
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 23:24:24 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/ Frame EA23 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240201/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 23:24:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
63062
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 23:24:24 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EA23 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:16:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
113949
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 31 Jan 2025 09:16:17 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame EA23 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66348
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706704584918460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 16:55:26 GMT
8bfa139f-5c1b-4b13-833c-5ec1d9ee8d55
https://www.btolat.com/ Frame D7F7 		186 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.btolat.com/8bfa139f-5c1b-4b13-833c-5ec1d9ee8d55
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
186
Content-Type
application/javascript
4582054.json
agen-assets.ftstatic.com/display/8060576/ Frame D53A 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://agen-assets.ftstatic.com/display/8060576/4582054.json
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.174.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-174-12.mia3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63543ac611ea6e2eb8736a99f1da779b505e28d1f5765657eee15b3c500c375a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:17 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/5.1), 1.1 bb2a3e4214ab75e7df49cdf743a8dc6e.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-P4
age
11
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1153
last-modified
Mon, 08 Jan 2024 20:38:32 GMT
server
AmazonS3
etag
W/"1c0cd2bbb92943baf50c905442448aa0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control
max-age=30
x-varnish
310850726 312350993
vary
Accept-Encoding,Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
KBIc7DY5e9qGZs_mIzz9IWIKY8X6T39Kzl9B1hN3rIs4YuyADP7Ygg==
activeview
pagead2.googlesyndication.com/pcs/ Frame A591 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpdnJ81jG_oULlhM8gMAKWJvj7NpKNd7O6ihACjjKav-IavxqmGIjbNurftwFTuVHjWN2SzgquGYt5oygEjWPHCcem-8pjD_R7l1nypJ7X-q5J2V4SeEVpUJ5nCPYVBt9QbphNThUV9pauRB3ITY_FNWEO&sig=Cg0ArKJSzFW3RguR-G5wEAE&id=lidar2&mcvt=1005&p=190,410,590,1190&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20240131&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1753927974&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=282572500&rst=1706892925774&rpt=132&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 3970 		7 B
788 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b08401febecfa1b1a0c0270265f29df4
Expires
0
truncated
/ Frame EA23 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9fa71e7467f5753851c8f894900ba191f21f8d91ee1142e8a4b766010928f01b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
90cfd75b-9af1-4f1d-9a0b-7a8704b41ad6
https://www.btolat.com/ Frame B448 		817 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.btolat.com/90cfd75b-9af1-4f1d-9a0b-7a8704b41ad6
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a2681dab2f9ff15961d78a6b6d0023c6c7746511fdf4413e497c9ce88572ff9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
817
Content-Type
adview
securepubads.g.doubleclick.net/pagead/ Frame EA23 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C6xVvfh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoElgJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpdIbBhXC0WvjPG0K1-4JPFYOvYva9CXm9xIBKzr4ipCCcwznr4eAEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA4AKAfoLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAbIXHAoaEhRwdWItNTkwMDMyNzEyMTg1NDczNRiUrRw&sigh=usuEVO_M4T0&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_kRRJjpzOVP1CGjNSzyZ1Y-4sKj34405rtHmMtYEzDZYh5xkRoTOBlJ75OmODFGu-NtL7FhPsE2a5O96KxIH1TpNTVp4qHEtmBBsYAQ&cbvp=2&vis=1
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
notify
rtb.va.us.criteo.com/google/auction/ Frame EA23 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kuHSFdWCMKwC-gHiIp0XAgAAAAoULoG-lxmXSfR_qxB9Hr1lLqzHWMkP0rXQwwAAEgAACgpBUVVCQ2dFQkNn&wp=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&cbvp=2
Requested by
Host: 19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
208952
server
Kestrel
content-length
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 4684 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 27 Jan 2025 16:55:27 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 4684 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 27 Jan 2025 16:55:27 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 4684 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 27 Jan 2025 16:55:27 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 4684 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 27 Jan 2025 16:55:27 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 4684 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=B4kwzZW9UW_MO_BYjRt90oIhqikMv-Gf4H6zyB8iEQrFIVcdJFDPqcDdDyPh1rEO0uL50hUV3z3mKeZO7kL_Ay-IqNBQYjjIZCP0dXVktFS2NZilshmGi4ABAa5IFmoDRhIakNY72iJnrv7diBTcCYNk5cle5ivu4YVa9oLg7kvyll81MejQONplmiZlbCuYzbBVxxsIwxxQxkrAuq8FJEvykQrra3o2cicmWA3-tSaWf46c5XLOwqTZFur0E1iBj75uD08KjJjKHIX9Sj1xOevZbl3kBQGOyqpZh203rQ1CMYDcpyGb9dOLCsIc4Dl1u18bXqgx4SnArmegbOq0VRlEbyRqIWZONc4hEQ3Vc4eeGbTRooJBY_5o5xixMrl74IfPAYTNCG4iC7MVzpsMNbTrkBjX_hX1SV0DmNpt3Ym5U3rkkbRgrWd5uU6DbiOYtcXYSg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3070631
expires
Mon, 26 Jul 1997 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B327 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviwdNB6pz7ZAzlP4jaNBKsGAOcBAHKL091KmIJXruSspHxaQH0bh8qvrhxwXb1tKJ7QeGXS6Yf751AmylX7zFYZMkRXJrvXX62KoJo5-oTh4pC4mAilJ4cn0DWkXEnFmE&sig=Cg0ArKJSzBds20UHOQ6cEAE&id=lidar2&mcvt=1015&p=82,436,172,1164&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1278542363&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=282572500&rst=1706892925755&rpt=233&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 4684 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 27 Jan 2025 16:55:27 GMT
img
imageproxy.us.criteo.net/img/ Frame 4684 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?h=76&m=0&partner=100785&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F100785%2F230221%2F149d51260c774f4ab6ea9aaaeef8a0dd_logo_n_horizontal.png&v=3&w=596&rid=4&s=ZF5UkiqHwv2_Z6LKiTamofdT
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8b1d19cea7be46f8a2330c4e33f66b525f2f864c3f3d9e326ba0abfcc1bdcab1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
11138
expires
Fri, 03 Jan 2025 01:26:47 GMT
img
imageproxy.us.criteo.net/img/ Frame 4684 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?h=1200&m=0&partner=100785&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F100785%2F230221%2Fcae19fa598024fb295715fc0d1a00ab2_777.jpg&v=3&w=1200&rid=4&s=J6J3RXYlte8fUMmAs5qC_ndS
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
809e42776eaf995aa904055e1262fab049761974508b1aae40a1bf38d1de12f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
34488
expires
Fri, 17 Jan 2025 12:39:23 GMT
img
imageproxy.us.criteo.net/img/ Frame 4684 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Fproducts%2FPINK-4C.jpg%3Fv%3D1652342189&v=3&w=400&rid=4&s=Krhzw8VGeeKkXJQeKLUYmalk&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
45ab87506d84558242990d81fcad9dd508df6719f60851edb6765ec8438a3f13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
8454
expires
Sat, 18 Jan 2025 11:21:45 GMT
img
imageproxy.us.criteo.net/img/ Frame 4684 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Fproducts%2FES_05RH-Gold-AA.jpg%3Fv%3D1680784719&v=3&w=400&rid=4&s=cJ5u6nGoE_sZeXj4T1IVwIQD&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
00fcd208be9dd06d82b38bfaa8244c5f0cf1e54b8c6c3223b40f75ac4f05d0d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
17808
expires
Sun, 22 Dec 2024 11:14:56 GMT
img
imageproxy.us.criteo.net/img/ Frame 4684 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Ffiles%2FXM-04-O2BA.jpg%3Fv%3D1699370057&v=3&w=400&rid=4&s=YvQ_kg5JuUKSgnyHPPwwzhr9&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
290ee15eacb8b58fc7928de2588910d1a5ed2f868b5a178bb0fbf22b2d17271a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
17848
expires
Fri, 10 Jan 2025 13:51:50 GMT
img
imageproxy.us.criteo.net/img/ Frame 4684 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Ffiles%2FFA-01-A0001AA_962d361a-e70a-4b5c-92c3-4a064d483ec7.jpg%3Fv%3D1694967992&v=3&w=400&rid=4&s=IM0wuG9ha47Fiqfm4aSR3da_&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2fe101c0179046604a21b2762c7e7e44d98646267727910c9fb30383eab3302e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
21568
expires
Fri, 17 Jan 2025 20:58:26 GMT
img
imageproxy.us.criteo.net/img/ Frame 4684 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Fproducts%2FFA_27RH-Gold-AA.jpg%3Fv%3D1680784860&v=3&w=400&rid=4&s=EPILbcxw8izGOS0xZQlqVISi&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f9b132529090980e330ae6f6b25043a84b9267589910a7dbf35517ae49ef58b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
24700
expires
Thu, 02 Jan 2025 18:08:30 GMT
img
imageproxy.us.criteo.net/img/ Frame 4684 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Fproducts%2Fwb-ebook-cover-main.jpg%3Fv%3D1655467876&v=3&w=400&rid=4&s=Zr9WiV2MINlfZiNFpeAhI0zd&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
beb00a215efa07f175d2da5d59bea3578ae9c67b1699cea139ee9f4b44e53a6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
8462
expires
Thu, 16 Jan 2025 13:10:30 GMT
img
imageproxy.us.criteo.net/img/ Frame 4684 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Ffiles%2FFA-01-A000001BA_5d8b6af8-85af-40ae-8057-c0779ec410ee.jpg%3Fv%3D1702455025&v=3&w=400&rid=4&s=t7rnM4g5eTUCazHMQmIdE2Gg&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b3878d13a99341ea76a01f302cafdeebc46c68a7f7aa19147082cbfb982bff9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
19578
expires
Sat, 18 Jan 2025 12:08:44 GMT
img
imageproxy.us.criteo.net/img/ Frame 4684 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Fproducts%2FCH_03RH-Gold-AA.jpg%3Fv%3D1680785059&v=3&w=400&rid=4&s=ma_O5EeqKHNhGbUrSW1FAcFZ&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
0f9f01e8064d566684054758dfdc481639db181059c52549866e99e37ffe1ed0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
10924
expires
Sat, 11 Jan 2025 01:05:03 GMT
img
imageproxy.us.criteo.net/img/ Frame 4684 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Ffiles%2FRB_02RH-Gunmetal-AA.jpg%3Fv%3D1697575616&v=3&w=400&rid=4&s=lUos4uTideiRR1PToAZGKovz&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d96e44e1a76d557cdc349d7fca20de807afa97afebac848a0cce8bae4360ff29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
13446
expires
Mon, 30 Dec 2024 11:55:40 GMT
img
imageproxy.us.criteo.net/img/ Frame 4684 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Ffiles%2FFA-01-A00001AA_629f16ee-d87e-4a70-bdab-d3b760730699.jpg%3Fv%3D1694967971&v=3&w=400&rid=4&s=nBed9QC6PUGIz_dUt6-q5Ncs&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
23c7382cd0c416b60c0664ec0443947e42abd1e9723db9458987c16ed86f2719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
21266
expires
Fri, 17 Jan 2025 20:58:26 GMT
img
imageproxy.us.criteo.net/img/ Frame 4684 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Ffiles%2FSC-02-A000001BA_d8602aa5-90b4-40ba-b39f-e65147891d0b.jpg%3Fv%3D1702460774&v=3&w=400&rid=4&s=pyOnsDllA1FAE5MNg6GGQQq1&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e92f36645eb1ab6563e9388e3330555862b3b120edd9190890f8988af3edd4ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
14320
expires
Sun, 19 Jan 2025 02:24:41 GMT
img
imageproxy.us.criteo.net/img/ Frame 4684 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100785&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0602%2F8086%2F4941%2Ffiles%2FFA-04-I0001AA_4be2a2cf-8a57-4849-a95b-0073a84c98fc.jpg%3Fv%3D1698161864&v=3&w=400&rid=4&s=a-NIi65EI6BsokZ1OO0c2v5F&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b3333bdb28bf79584e3d9cf65fd2a59df10ba444511bbe58a3a56cce39dab724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
19230
expires
Thu, 23 Jan 2025 16:19:12 GMT
all
csm.us.criteo.net/ Frame 4684 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=5BP_Hp3FUcIwQf9feeKNMGaCO3a6Z8Fl_i226qBEn-oyZaymJ3kIkC8lt6NPTa1_brlL0EDdr0M1TCZ8RCVL0cmp0ChRmSzmMrIYdWszh6DoH5qfIUU3P-h-e7vghKC9QuyJH4gsnS3hGDkrTeJAKCxrjNp7OwZpZiZCCIJkJWU_6dCAj1s4sXlogrWNKOwaLkUCpWn8LLt81Ls2G-QhB3_K2cLIxx2UnAFdlc5Wdj0Zc26dzpE8ad0FdEDJ_FtBPdP_Zg&sds=2&rev=90469&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 02 Feb 2024 16:55:27 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4684 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 27 Jan 2025 16:55:27 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 4684 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 27 Jan 2025 16:55:27 GMT
all
csm.us.criteo.net/ Frame 992F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=gyJnlJ3FUcIwQf9fgmuKdOVZZRfg5GS9kqF3GNkX8kXBXP9sHNYxn4RUdJiuezzoBZEEHa3S1ItgD2FDyYywrxPDO_lJDkyZ28b-hQ9yKTHz4zjjj0Je0hwS6oLiMigLL_sFe-UBM8s8Mgb531Wl_JhYagiva6YN7k0uHCm2Kx5X4YEuamBmH_FwOEbUjVO7hCVhLm5W3K7gEq0rdVsbSCah78IZKBwy0HqFvtaqZ9el3jlFMc3QKCi8ULNxzyfOWbsFcAC33RaeghIW&sds=2&rev=90469&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAEfCoFWp7UAA5zomv4VspRXoN9UuPLTA&u=%7Cd8YE7lp2MNlmiFxvzOJUU3aC5m6R7edn08xbzANmhGA%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdsIMYUOBJF00S5jcBMhVSK8OHs4Fq7mkJjQLH4ZhbkiN2nxJBuDYO8E-GgELuRcUzkZJOTuXQRt-JGCvooAmiP1kvOvhi3CHM4TxSXSLUBzySaDdUDvgi-4ZaUA3FeSc5WIH3cf3pX-U8a6K8CEK60o62DAsMiHwYQ5avO9askK0L-7a1-fo89ms1n2w-yRVwYhikhm9Xfm95C2rjM6NnrECF9xQJLmc4LYM-b479HY-m52Bm8BLEb4rO3N1BgS77ixR8jl5Gyup70583YHEvhT6QW2CpU_K5PZyiJBVtrWpg-f2i-kUJC8xkkGZDYQQysJxgj4b7aeicLnVkMA8lyasGP8czNdImPcX1HDGqUe6i0bCV05bhLBJT7EwtggrKcYIcSicavysHmKhhfCGvUY-KkgBFAgND3BNE5AswWEmSrzQK1KZDT5WuBPBCj20nukNu7EDYyIGtTVAS_RZxoMm1OjOFnWD6aUue0JFrq3eQDTl907859jOYvXRkd8F1Uy7h7FC45a2g9C_Ak2qk0ULv4x-B1BBJufzLbh2UluASuUKFjzogU1F4lr3Xu_w0rC697JV-zIvMhh35w1CKfI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC10gGfR69Zar4EdS96toPoue58A6cge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmwJP0NUkj2qfBYV9Z9uvWfTVwULdsn3yXd_GF8vPSwzd50z7xuPomMYMBW06sHcjg3DlxBmJYBEX5D1SluPRSx1BDTs345G2j1WUZRi9-0KpPWskpgJ-IaBIlAghPsV0gnLlzmD2OOqkc1WOqmySvzCS59GMqeqmRHXebaq3Vq58wRil3dAsJM816AROLoLMqeFLgc5ic7bHhZeLsr3c5N7cxSLrkAHtv2DzE9-31XpAQJjkebIxrw57ND_Tfaq0B6NRKDWiLnvDFi-4FkmTiXZ1-678hWrkJ_gSKVSH3lLNy12EU4l1Ju-rCO9liHhqYJWKPOEhx70861DvyjRpe1FzZjQDi9tu7zNfD6tZJOG43G97ahgRqLN0F9Ew4AQBgAaPndjq5OuHoDagBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY-4-604-NhAP6CwIIAYAMAeINEwjCz7rTj42EAxXUnloFHaJzDu7QFQGAFwE%26num%3D1%26sig%3DAOD64_2HAL6FoRCyUMfsfsRDwyib8WfECQ%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
postback
s.acexedge.com/2/2.118.0/tm75/AoeyvXoEBaEqHZE3/ Frame B448 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.acexedge.com/2/2.118.0/tm75/AoeyvXoEBaEqHZE3/postback?si=672669&ac=727394&dm=15&ti=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1&dt=2926111444050714666007&pp=44337&pc=2643516&sr=24042&md=DISPLAY&account_id=461365&ap=&ci=tm75&ai=4118350305&ui=&cb=-2194766152732602051&c2=3&r6=78f9e578429239ea38bde0dc6b11bd00&di=www.btolat.com&sid=AoeyvXoEBaEqHZE3&oz_sc=a1d411d40ed01af457a73d82&oz_df=1706892927117&oz_l=21228&cv=3
Requested by
Host: s.acexedge.com
URL: https://s.acexedge.com/2/2.118.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.23.212.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-212-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 02 Feb 2024 16:55:26 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B4D6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.btolat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
8344
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 14:36:23 GMT
expires
Sat, 01 Feb 2025 14:36:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 49D1 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3eb739d67ac21cf2a3a4c877356d005501d2c65e180f29e144960b9ee49dd739
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J1f8RUQuP9kBj6u1gF9nqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.btolat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-J1f8RUQuP9kBj6u1gF9nqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 16:55:27 GMT
expires
Fri, 02 Feb 2024 16:55:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ftpagefold_v4.7.2.js
cdn.flashtalking.com/pageFold/ Frame D53A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by
Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-52.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 16:55:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Nov 2022 15:59:45 GMT
Server
Flashtalking (AKA)
ETag
W/"41e1de2061b5162671c94aaf53e51cc1"
X-FT-Origin
us
Vary
Accept-Encoding
X-Varnish
413862034 236107414
Content-Type
application/javascript
Cache-Control
max-age=50347
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5545
Expires
Sat, 03 Feb 2024 06:54:34 GMT
1878314-OfficeHours-Display-728x90.jpg
cdn.flashtalking.com/188505/4582054/ Frame D53A 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/188505/4582054/1878314-OfficeHours-Display-728x90.jpg?895678244
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-52.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
6012d737070faf0fee1bc56da6c9dc9e63ea8e49efab3ac19182b7db3a41d4b6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 16:55:27 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
59965
Last-Modified
Mon, 08 Jan 2024 20:38:22 GMT
Server
Flashtalking (AKA)
ETag
W/"2a4b6e53fa1d1b4176e21f7b399edf19"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1108
X-Varnish
514201056
Accept-Ranges
bytes
Expires
Fri, 02 Feb 2024 17:13:55 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame B4D6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 20:11:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
74654
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 31 Jan 2025 20:11:13 GMT
ecm3
s.amazon-adsystem.com/ Frame 3970
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WomJjm2FTSKEl7pUhl8oVQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WomJjm2FTSKEl7pUhl8oVQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WomJjm2FTSKEl7pUhl8oVQ
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Feb 2024 16:55:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
54RGP1RW9W0HJEXD6GW8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WomJjm2FTSKEl7pUhl8oVQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 3970
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LS4VZ6H9-1A-F8LC&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LS4VZ6H9-1A-F8LC&ex=d-rubiconproject.com&status=ok
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Feb 2024 16:55:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JZBG789YMBC4WBQNWMQT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LS4VZ6H9-1A-F8LC&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 3970
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://match.adsrvr.org/track/cmb/rubicon?
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=726b63e6-02f2-4558-b267-64b7d0483091&gdpr=0&gdpr_consent=&expires=30
42 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=726b63e6-02f2-4558-b267-64b7d0483091&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=726b63e6-02f2-4558-b267-64b7d0483091&gdpr=0&gdpr_consent=&expires=30
date
Fri, 02 Feb 2024 16:55:27 GMT
server
Kestrel
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 3970
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/wgopCWhF-9_3bKS5aaBBt8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_hNLsCBE2oJyMz_gi9OXKi3czVORkBxSNwVWmg--~A
42 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_hNLsCBE2oJyMz_gi9OXKi3czVORkBxSNwVWmg--~A
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 02 Feb 2024 16:55:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_hNLsCBE2oJyMz_gi9OXKi3czVORkBxSNwVWmg--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 3970
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFkJLNFW40iDY2uW1iV9OAM&google_cver=1
42 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFkJLNFW40iDY2uW1iV9OAM&google_cver=1
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
207bf73b93f199ba0825203b77fa46ae
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFkJLNFW40iDY2uW1iV9OAM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3970
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFM0Vlo2SDktMUEtRjhMQw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJFpVsti-qfR18UCZVVwHzE&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFM0Vlo2SDktMUEtRjhMQw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFM0Vlo2SDktMUEtRjhMQw==&google_push=
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFM0Vlo2SDktMUEtRjhMQw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3970
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=yUe4UxrWRwSpM5H4tj56tw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=yUe4UxrWRwSpM5H4tj56tw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=yUe4UxrWRwSpM5H4tj56tw
Protocol
HTTP/1.1
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Feb 2024 16:55:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PGSE9XTSEZRBAE4SK7GC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=yUe4UxrWRwSpM5H4tj56tw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
961e708718863ce5d2a91761d33d869a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 3970
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS4VZ6H9-1A-F8LC
0
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS4VZ6H9-1A-F8LC
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: E3620E253BE64D8A9570804A0DFEEF78 Ref B: EWR311000107031 Ref C: 2024-02-02T16:55:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYQaPqguLn/tajzKJeweA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS4VZ6H9-1A-F8LC
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b08401febecfa1b1a0c0270265f29df4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 3970
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDQ4ZTVlNjViYzEwMjc2YjQ1MGU4OGIwMWViYmI4MDExM2FkZGQ2Mw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDQ4ZTVlNjViYzEwMjc2YjQ1MGU4OGIwMWViYmI4MDExM2FkZGQ2Mw
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDQ4ZTVlNjViYzEwMjc2YjQ1MGU4OGIwMWViYmI4MDExM2FkZGQ2Mw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 3970
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABSlE7Lej0AABNxUayRiw&expires=30
42 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABSlE7Lej0AABNxUayRiw&expires=30
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
961e708718863ce5d2a91761d33d869a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABSlE7Lej0AABNxUayRiw&expires=30
Date
Fri, 02 Feb 2024 16:55:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync
hb.yahoo.net/ Frame 3970
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LS4VZ6H9-1A-F8LC&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LS4VZ6H9-1A-F8LC&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS02eU5GcHBCRTJ1R3NmSmZDa3Z5RTdzRTdScEN2aG1JSn5B&ovsid=LS4VZ6H9-1A-F8LC&dpid=58160
57 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS02eU5GcHBCRTJ1R3NmSmZDa3Z5RTdzRTdScEN2aG1JSn5B&ovsid=LS4VZ6H9-1A-F8LC&dpid=58160
Protocol
H2
Server
104.117.182.208 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 02 Feb 2024 16:55:27 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Fri, 02 Feb 2024 16:55:27 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS02eU5GcHBCRTJ1R3NmSmZDa3Z5RTdzRTdScEN2aG1JSn5B&ovsid=LS4VZ6H9-1A-F8LC&dpid=58160
date
Fri, 02 Feb 2024 16:55:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
tap.php
pixel.rubiconproject.com/ Frame 3970
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=f03de5a0-48d6-4d56-ad47-651eff7d0127&expires=30
42 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=f03de5a0-48d6-4d56-ad47-651eff7d0127&expires=30
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
961e708718863ce5d2a91761d33d869a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=f03de5a0-48d6-4d56-ad47-651eff7d0127&expires=30
Date
Fri, 02 Feb 2024 16:55:27 GMT
Connection
keep-alive
X-CI-RTID
fb0271c1-ee32-42d5-a33f-0bc027af9f73
Content-Length
144
Content-Type
text/html; charset=utf-8
check
pixel.tapad.com/idsync/ex/receive/ Frame 3970
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LS4VZ6H9-1A-F8LC
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LS4VZ6H9-1A-F8LC
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LS4VZ6H9-1A-F8LC
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:27 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Fri, 02 Feb 2024 16:55:27 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LS4VZ6H9-1A-F8LC
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
magnite
prebid.a-mo.net/setuid/ Frame 3970
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LS4VZ6H9-1A-F8LC
0
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LS4VZ6H9-1A-F8LC
Protocol
H2
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:26 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LS4VZ6H9-1A-F8LC
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
207bf73b93f199ba0825203b77fa46ae
Expires
0
pixel
capi.connatix.com/us/ Frame 3970
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LS4VZ6H9-1A-F8LC&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LS4VZ6H9-1A-F8LC&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LS4VZ6H9-1A-F8LC&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84f3f63f5b5436a4-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 02 Feb 2024 16:55:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LS4VZ6H9-1A-F8LC&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84f3f63eea3036a4-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 3970
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LS4VZ6H9-1A-F8LC
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LS4VZ6H9-1A-F8LC
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LS4VZ6H9-1A-F8LC&ckls=true&ci=n5Yvn0NDSO&nc=false&trid=-121876120
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LS4VZ6H9-1A-F8LC&ckls=true&ci=n5Yvn0NDSO&nc=false&trid=-121876120
Protocol
H2
Server
18.173.219.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-12.jfk52.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:28 GMT
via
1.1 687f50ed8be10041d824dc8ad7bb0622.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
TsiaKWNgmULNxdc6q3tIdEsoFGHzmhhugVez9z-HmrsZJys5sWc-6w==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:27 GMT
via
1.1 7bd20765fb335de036eff4682be365d4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LS4VZ6H9-1A-F8LC&ckls=true&ci=n5Yvn0NDSO&nc=false&trid=-121876120
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
WdH3rxfDyxDPxbiIzXPbxsYylwPy20wx-wgt92jLot-GFDqhsxTwfQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A685 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRye1jVw3Hd2s_g0mrn2H5f9LM4IlcA_CN8szsp70NryihLxymx-3bPSDzYZ1YpuVsGJtazhgZnSs33VsR1LPHHQoZQ0y1vrekWKJPuFv7SsA_RwVmq1zNdxVxb8-RMyw&sig=Cg0ArKJSzDh5iM1S0u8VEAE&id=lidar2&mcvt=1004&p=180,125,780,245&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3177319226&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=282572600&rst=1706892926084&rpt=178&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 49D1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401290101&jk=3625675438570024&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame B4D6 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4kLn2g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
ad-events.flashtalking.com/state/8060576;4582054;0;271;E977BE09-6F28-8D0F-A2CF-B64FA44112D8/ Frame D53A 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/8060576;4582054;0;271;E977BE09-6F28-8D0F-A2CF-B64FA44112D8/?cachebuster=482395032
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.58.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-58-116.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:27 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ft.stat
stat.flashtalking.com/reportV3/ Frame D53A 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?0-8060576;4582054;0-302-0-0-707994000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-52.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Feb 2024 16:55:27 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Fri, 02 Feb 2024 16:55:27 GMT
all
csm.us.criteo.net/ Frame 6278 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=sVbj3p3FUcIwQf9fjR1o9KupmdTcuoVIPn9p8pa48qBQ68iigXGTEQDRfMDEI12jRRDEk1Ld_Yx5Hqak5mSkoeyszAy634tTnsy7cu3KbEr_DzeWSbsOb7UeuG1ngpdg0mK6O6M-2qIsmGJaDZcUcmsXTnairiOJJCHYA6lPy5_4YD5gL574LUkh_HJqwjXB1yNb04Yp0JItaYtiRFnfXY4JAUz7vlDJJQ0FkxGTBC6ISEBvIAwK2VBvwTb2yqCBPJwEcNr-eoYdrRBV&sds=2&rev=90469&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efQAKYv4FWrDvAAxmIS7ZZhNCFmmQFUA21Q&u=%7Cd8YE7lp2MNkAJ83Uyt9hSEVmBa2y3F6ibLcen4buHAU%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK2ZA0gZ5vantnCLATFvNDnKvjQPohXL5LdtDSzqldr-7lYUj77qimBqCoAjiNo78ZbcEAguNo_fjTn0aWnPOgc2fGMiBQVFTlT7ylCF_v60jQ8pVf9Wgz10Z7Y9zW86158gXjbfWCqo0CwnSmpVVa6rup5J0vjZv9YMDgS59058AW8UWMKpNiap0Sg8Qmaoh4Dt7fVNgJvA_Km-HPV591Ki9M8fcUezdKt3fKv1Qf_l_zULbYEgT3C3eQhzJxAyECrtfGr8zceg3MrlieoK06i8Mzq1apSWzatpIC1vIuKrBLyQ3ibYqqvEvDalTN0OFsnnDZtaaP8mV3p9eDHt3LjhwUa2atYN9zYX7R_i_ECRcw7S4zz-AXiJYT70ravv9UqSesLKDA8BAPzCR4LGrNZnyhg9n1tjGVex1e1CxwlI_7pS_zSC4yEmea3jf2FSWVa2kAaVVDxQQ9VasanENGucKtZYyApUVKq1K_EM8PNrdRrj9tNsx1tQBJeecqyikMNv4FQdcoXZ-k-nO8fH1LilKJDHrJnx9j-omoZa0L7eyYlOpJXm7DcQPfDGdEbrDci4Qwuw7bQGov--SGL21ryI2LzN9unTMMe2BfPEHtfrjI2oxEG5OIcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSc0ofR69Zf7FKe_h6toPocyxkAGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEnQJP0Oxr3_PZiBQ9-85E_M2r871jDXzb-FzPkFUw-wH7ovJVcPDXnCTpwW76rx0j0c6nCWHdrhTgbBqH44S5_OxYWHPpL8QBhUkjpzLLyFJrNuHUd2XujpNh30fuy6-eRw6hcPZ2ValuVVYBI317P8Rb4Ddf2Wg2i5b3JVIDpQga0kmFjA1ifB--cGEzASopcBtLXeGv0lUn6f_NV_QOIGJuOq5LR31jAxcrTR3VxqiqLxCQE492miEwla-VNCapFiBXlozG6fJUcgxVallSI_JbmDDE3nUIWfqE0VVXQrHDZIQFdAAA6dTkDdQDgrbAgYJqL9sKK4KgY_jrsLz8OTyii3TOnrmsVbgBV8zb3v72K7Gp62rHl5SBwjKa-BrgBAGABteH9b_eiobi2AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYzZu604-NhAP6CwIIAYAMAeINEwi087rTj42EAxXvsFoFHSFmDBLQFQGAFwE%26num%3D1%26sig%3DAOD64_3lBkJ-JhrK5pWIPNAstjT_t-dPVw%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 02 Feb 2024 16:55:26 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
vimp
statsf-tm.everesttech.net/stats/1/ Frame B448 		85 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/vimp?mpKey=btXxJqnWClDtkAjBpZEd&psId=FF0GVbl5sGqQAJ8S3ijY&PG=F&vinst=t&didtype=UNK&seller_id=24042&env=site&s=H4sIAAAAAAAAAAEQAe_-WCpuWizHFFlGJOUc3Si7_B05ez3ZdNHzQTBj3ZuA0yM43SzjTcj6iOfeuHzWLK_nEvXvZF1zb9u52A8iY_BvZt7hp7C1yjQ32TpXDwoUPdj58Dyoz2u04Z8MQzud7cnCkTxUqy97-Cj9TM1G3agqo6omqgDcSw6-YvDwMV25bDf8o2pFSrCk9Y9nlbGJ5KjSQ7DTrRizirXVK-iiYwgdMSkvZZZw5riPCr1gn2-eE_ReSfx3Xf6BCX9VJwuU4lP72h7LPgJsr04x9q-b3KYU5UbPJflQTunPdWWaT--XNJ0137jFB14Jr1vOIF56cIyYBD2W3_lYMRJab3sDkZl-iWbwzAAF3Rt5tyijscWO_Rk6CxBIEAEAAA&bi=B094GTOupeOLk4jU6hJcZ_N_MPSEEivIi4r8aFK8G537BSNFOnt7X11ueeES97xGhTToIBkFhNZ0HHAG7NE9fZyumKnTqFmLx6sNh1fss2nlYbq0yrveR2Fidr14nhGdD6q70h9jeqABFPB8n37T9T71kq5J5RjaWKOlBC36VyJeklFNhovlesPfLBet3A2wplUmRQ9FJqeji_9k2Zl4Wdg1M2NOZCw75vn5pAf_j6RAGvBIZOF3EjJrT30_kQ4MZmz&rt=HTML5&auth=b0bf7866a7698f4570a02599701dd8e8&cpKey=4JlDTeb7owADca9yZoOE&sessId=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1&price=&adKey=W7uJ0ub3JbEPGESXEk9f&date=1706892926114&conn=unknown&did=&burl=about%3Ablank&rurl=https%3A%2F%2Fwww.btolat.com&astv=20230731&apv=B20231031&w=728&h=90&pw=728&ph=90&vw=728&vh=90&vwbl=t&vver=20200211&vpct=100&ifr=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 02 Feb 2024 16:55:27 GMT
via
1.1 varnish
x-pt
P=376
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region
North-America
content-length
85
x-served-by
cache-yyz4555-YYZ
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Fri, 2 Feb 2024 16:55:27 UTC
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401290101&jk=3625675438570024&bg=!FBelF1jNAAa8BdJLnAU7ADQBe5WfOAHVsoeqdikJFwJ69XyATkmCxxNygWg3-jTvLzZpL9XxKB3lSOwaFC9S6uKNTkEQAgAAAFFSAAAAAmgBBwoAQFP1q6cEpeTURLflnJeBgPGi3mQevhDpvgNJOCrNDY7LTDMHU1vLkHNQ77mP47m8OhSESozvK5ieryLUlgdtp12ZAsN7ZinBh8RlwcvltB43hjlNApAp--Njn0U1-mAJaSO4BPrjEhUGJWEIiNO_9oPzkmjzbF7EZQSKb1pWahpGqCpzg-tSXcb4Ja79lWVOGcBNQUFQ0Ojxxc6ljWiM90fq8Giv2N0tD-jU2VI5LONIvlWto8opoov6jqwuR_CE1M6EfsoEenMehrr_tCFgt3IFGgMj7UqFZiEdI6AuoLVLFU_HIQ_Rxgt1QKDqaHbaV13nHGxFTUHoHXWtcni-cnwBsQD4e9nWrsooyO9I12dDlHXM-sXUlpnSnNJkaPlItmPImwd-CqjrFak0A6OqDCFLeLeGO5v2A_tQNDRkWI8DrjGIa-Rlbm5BmgU0T8WWfKNmkwwnWpKkrKZTfBa7-v9qQKMHI5jcIapK1uTExodNbxiK5BnZHw_LEV9tbkNYhoQKomhtKFscUhuNEl3ktRZxVzeEeCpNyXViDSxNwecFqMPh25fMeqzGqjv2Ppf671DSY8A3-NeaYVpj2eSG19vVWstjcbxm__y1YxpvjWeaB2QzyI4mXuQUogm5txi4zxIEsju0h5w1e1YxSa108raCWFJpymuLlfXwnI7dc5o9FZxYgyoLwozWSiP5tJdQetMApwd6CNCVdkXMCbNgZdadu79axtDrLOxN9ILOF2kyxxPm7MtzQrMVFL_dkbc2DbkAE1rgbnS4HTkT1oeoIg8X_cPkzpBjlz-SNS972377LG8klxtfxgdazmUq5XYzCRqgIEVmW8j7RmRmLmvV_LiCdTcaq2wgMFyquu3o2iXdZawYEZQ2x1jDAE23sPfUwWxBMVe9bbpt_v_dHv8eWyklrb5qXONu5nqem50kXAqw3RZpz1WEi-8MTQToFwxzzjy1owU86iQz2CsRzjUjzMvkWoT7eErUO6WHwSavE-lxTr7q9DBgnvpxE4xhaVA4ilXSuqwskA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame EA23 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2N4BnqXla0IITYlTJvRURUcfaX0LEQHd4Rheca09Ny-kfZpZp_Enb5Ev5Pua2hyiNtPXyF-afrUljT-h-3X6E-6etsYtVZADH-vUWuKjYZwg9dRUekgC2HCuGucL8KP4&sig=Cg0ArKJSzIeFjEAxzTG-EAE&id=lidar2&mcvt=1000&p=185,252,435,552&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3525699108&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=282572600&rst=1706892926823&rpt=155&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.us.criteo.net/ Frame 4684 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=5BP_Hp3FUcIwQf9feeKNMGaCO3a6Z8Fl_i226qBEn-oyZaymJ3kIkC8lt6NPTa1_brlL0EDdr0M1TCZ8RCVL0cmp0ChRmSzmMrIYdWszh6DoH5qfIUU3P-h-e7vghKC9QuyJH4gsnS3hGDkrTeJAKCxrjNp7OwZpZiZCCIJkJWU_6dCAj1s4sXlogrWNKOwaLkUCpWn8LLt81Ls2G-QhB3_K2cLIxx2UnAFdlc5Wdj0Zc26dzpE8ad0FdEDJ_FtBPdP_Zg&sds=2&rev=90469&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zb0efgAAh9gFWqY3AA6yQkd6T7aQz3x4ppXb3g&u=%7C6VPTWXOq3MKa7RNrgnzX43AA4NxWCB6HYs3EQE16TNY%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqAb79lxbNLn-Y29LVqxBSOQhZKVxZui5pXNlU4WPrBd9-dzZ-iTLkdkSl-LizjqX21M3nodhLZD_4O2JbiKKHQQ1Qx_ApDdIAdDDTqEIWKrT3OCwaz7juBkYpbffRkeykhYgAmuw6LxLEqjR4UUEYS-kTW59xKgh4jCD6aYbZt7gxaQ7wJIaKaktgxieEXe0Nh4d7tlnv1RXFD6HFg5SM49nTifjD3ncaQYRCGjovzV9ZV_z9zK8CnBck14HWc7KI61Jmy0mRPEFOcKP79cbIssjPPbo8vFsDJYTItxx46rH-TJ3vH-MDYqozhiJSESPYvbWaITUsx_nf1vK1vLOZTJcwB63rxXtr4-UFZtPqEoKZzUHLz3vDEV6uSN5om03-AZKmJ_4kHyz6jWq8gAYSca_VThvrwjgAU_KwGWcK2PS1iIudec_1OaDQXadELZGlY-wcOhkDg72Wy8IhwJYoVx0_ideHnOYaMmanljqTyNEk8ZRQNHT7869zsjd97RfMG6WprrvsYp6pKl4AWDOct9MK6gSjcVhq_e0vz6cOvJky94kc3jzKCxeieRtj6Qe9XRNrO3gRCnlt8oCHYwNblOI2ZMAzZnQrJToYPnhviRh1pB7_RPpsnazCCuYYN3tgygVJCAEQBYo7Jw2DcXFxHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDva3fh69ZdiPArfM6toPwuS6-AGcge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMDMyNzEyMTg1NDczNcgBCeACAKgDAcgDAqoEmQJP0Mdm28bp4WK4rguTlqPxruKguucsaN8owyJ8J6qNSpMrv7pCTHxVjVaL88UOX7mziUdNrAUwINys6LqMO9sebEXQu2fGRCXS2uhkzdmNdv5spiYt9RNHh9oN82OA_TATh-qIIzjCBj0JgDB7M3EaAOrU-YnuZlS0yNz8hBIKa427fYw7amnLbmrx-ZiISiPCXhLWdJsdnKyFPvKciTAoKVsMeQMJpvk2M6BYyw-fOx9ONV1yV7Qeehh8s7aaHHVsHbb642oBb5cWYOr0ZHTf2Qihuu6XFPL-BgNm-_q7vGhkcZto-rNNO1B9JPJSftdpNoThF7YJsYJG8H1hd7uosTKgSv-TEb0mN_rDBwA8iDgdB63SBm6PQ-AEAYAG14f1v96KhuLYAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljgkLrTj42EA_oLAggBgAwB4g0TCLrEutOPjYQDFTemWgUdQrIOH9AVAYAXAQ%26num%3D1%26sig%3DAOD64_3kpl-O7G6ae4UBF3FJW7zfd_3FqA%26client%3Dca-pub-5900327121854735%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 02 Feb 2024 16:55:27 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
ft.stat
stat.flashtalking.com/reportV3/ Frame D53A 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?0-8060576;4582054;0-307-0-0-572985096
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-52.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Feb 2024 16:55:28 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Fri, 02 Feb 2024 16:55:28 GMT
/
ad-events.flashtalking.com/state/8060576;4582054;0;202;E977BE09-6F28-8D0F-A2CF-B64FA44112D8/ Frame D53A 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/8060576;4582054;0;202;E977BE09-6F28-8D0F-A2CF-B64FA44112D8/?cachebuster=724996997
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.58.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-58-116.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:28 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
image-03_1.jpg
static.criteo.net/html5/molekuleus/111152023/bof15-21-decision-retargeting/728x90/ Frame 7BC0 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/molekuleus/111152023/bof15-21-decision-retargeting/728x90/image-03_1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
1279a84a31304fd59003415a30d0dd7e6d4a67d6b5f65afea49f5b9912bb03e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://static.criteo.net/html5/molekuleus/111152023/bof15-21-decision-retargeting/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 15 Nov 2023 14:10:43 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6554d163-c02d"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
49197
expires
Mon, 27 Jan 2025 16:55:28 GMT
image-02_1.jpg
static.criteo.net/html5/molekuleus/111152023/bof15-21-decision-retargeting/728x90/ Frame 7BC0 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/molekuleus/111152023/bof15-21-decision-retargeting/728x90/image-02_1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
6a486fcb39ea8e7a6c1d64bf56bcd117aa63a9971e4e248f2fe240a1a79f56a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://static.criteo.net/html5/molekuleus/111152023/bof15-21-decision-retargeting/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 15 Nov 2023 14:10:42 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6554d162-16fe5"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
94181
expires
Mon, 27 Jan 2025 16:55:28 GMT
image-01_1.jpg
static.criteo.net/html5/molekuleus/111152023/bof15-21-decision-retargeting/728x90/ Frame 7BC0 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/molekuleus/111152023/bof15-21-decision-retargeting/728x90/image-01_1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
e8149974af3c8eb4f9ef91d6c686f255ea1b3a061b077584a729bafb4118ec9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://static.criteo.net/html5/molekuleus/111152023/bof15-21-decision-retargeting/728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 15 Nov 2023 14:10:43 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6554d163-8824"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
34852
expires
Mon, 27 Jan 2025 16:55:28 GMT
boxl.jpg
img.btolat.com/2023/11/28/photogallery/684/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.btolat.com/2023/11/28/photogallery/684/boxl.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eb96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ad70f36f63dc51313fbaa3178e3e347de8774f1096e2f41bafd5968d628823e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:28 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
16063
last-modified
Tue, 28 Nov 2023 17:21:31 GMT
server
cloudflare
etag
"45ea9541f22da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTBCGvi7jb5tVjG7wXdN2LtyipAiMT7KhPLXY%2Fclpi4FUDs1OIgHRZ8diOmCEfXaBbY%2FWh9dqwtbXzi4xFS8MG5t%2Bz3SIyllPr1hiykO2n0yDQ4%2Bg4FP4NzhuZIqkq73mGfhC6mJ7Yutx8%2Fpvg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
84f3f6459fdc4bcd-BUF
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.8.0&coppa=0
  • https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.8.0&coppa=0&b=1&g=iujNki%2FKon7LxENUgvyZ%2FE2Ud8Z3%2BiSnduQG%2FGYXxEw%3D
42 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.8.0&coppa=0&b=1&g=iujNki%2FKon7LxENUgvyZ%2FE2Ud8Z3%2BiSnduQG%2FGYXxEw%3D
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.btolat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:55:29 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.btolat.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 02 Feb 2024 16:55:28 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://www.btolat.com
location
https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.8.0&coppa=0&b=1&g=iujNki%2FKon7LxENUgvyZ%2FE2Ud8Z3%2BiSnduQG%2FGYXxEw%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
fed
ups.analytics.yahoo.com/ups/58809/ 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58809/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://www.btolat.com/&pixelId=58809
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Feb 2024 16:55:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://www.btolat.com
content-type
application/json
access-control-allow-credentials
true
content-length
0
rid
match.adsrvr.org/track/ 		108 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1324mj4&fmt=json
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
a4717f9986c8abf277cf26fc9ceb308a048ce5956b06fdff4f0e64a4cb55a9fd

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Feb 2024 16:55:29 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.btolat.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 03 Mar 2024 16:55:29 GMT
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8D6S73ZBHH&gtm=45je41v0v874051100za200&_p=1706892923529&gcd=11l1l1l1l1&npa=0&dma=0&tcfd=10000&cid=607451407.1706892924&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEI&sid=1706892924&sct=1&seg=0&dl=https%3A%2F%2Fwww.btolat.com%2F&dt=%D8%A8%D8%B7%D9%88%D9%84%D8%A7%D8%AA&_s=2&tfd=6341
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8D6S73ZBHH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 16:55:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.btolat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nhwimp
nhwimp.izooto.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nhwimp.izooto.com/nhwimp
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.btolat.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 02 Feb 2024 16:55:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84f3f657d8ac6aee-BUF
content-length
0
ft.stat
stat.flashtalking.com/reportV3/ Frame D53A 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?0-8060576;4582054;0-310-0-0-415635735-50x0x0x0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-52.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Feb 2024 16:55:32 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Fri, 02 Feb 2024 16:55:32 GMT
postback
s.acexedge.com/2/2.118.0/tm75/AoeyvXoEBaEqHZE3/ Frame B448 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.acexedge.com/2/2.118.0/tm75/AoeyvXoEBaEqHZE3/postback?si=672669&ac=727394&dm=15&ti=94a2cde351c93afa7d6de5f5c8462e3a8d7fba81_2.1&dt=2926111444050714666007&pp=44337&pc=2643516&sr=24042&md=DISPLAY&account_id=461365&ap=&ci=tm75&ai=4118350305&ui=&cb=-2194766152732602051&c2=3&r6=78f9e578429239ea38bde0dc6b11bd00&di=www.btolat.com&sid=AoeyvXoEBaEqHZE3&oz_sc=a1d411d40ed01af457a73d82&oz_df=1706892932342&oz_l=591&cv=3
Requested by
Host: s.acexedge.com
URL: https://s.acexedge.com/2/2.118.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.23.212.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-212-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 02 Feb 2024 16:55:31 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
btolat-com.cognativex.com
URL
https://btolat-com.cognativex.com/cognativex/cn.js?v=2024-2-2

Verdicts & Comments Add Verdict or Comment

212 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| googletag function| gtag object| dataLayer object| FB function| fbAsyncInit object| _fbq object| _izq object| izConfig object| f object| e string| u function| $ function| jQuery function| getMatchesDataAsync function| Popper object| bootstrap function| postComment string| imgLoader number| _i object| ggeac object| google_tag_data object| google_js_reporting_queue function| _izooto undefined| google_measure_js_timing object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| TWAGORAINARTICLE object| __buffer object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NGJkZmQyYzc0NTRkMzEwMGxvYWRlcl9qcw== string| NGJkZmQyYzc0NTRkMzEwMGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady number| google_unique_id function| iFrameResize object| ProjectAgora function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| pbjs object| regeneratorRuntime object| ox_esp object| criteo_pubtag object| criteo_identitytag_149 object| Criteo object| Criteo_identitytag_149 object| _33across object| udm_ads_queue boolean| udm_edge_init object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| udm_r3Chunk object| udm_r3 object| mnet function| endedHandler function| udmPbcsRun function| udm_process_ads_queue function| delete_udm_edge function| reload_udm_edge object| udmRenderRates function| quantserve function| __qc object| _qevents object| ezt object| _qoptions boolean| 2f7eed09-e3e8-4e5d-bcc3-330af8db2bc2 object| udmCompiledBlockedCreativeIds object| udmDefinedBlockedCreativeIds function| izootoEmailSubcriptionCallBack function| izootoEmailEventsCallback object| GoogleGcLKhOms object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

117 Cookies

Domain/Path Name / Value
www.btolat.com/ Name: btolatUTC
Value: UTC=600
.izooto.com/ Name: IZCID
Value: 997585a9-fa99-4e88-b901-888baddeedf0
.btolat.com/ Name: _ga
Value: GA1.1.607451407.1706892924
.btolat.com/ Name: lotame_domain_check
Value: btolat.com
.doubleclick.net/ Name: IDE
Value: AHWqTUnZXl1ZxpOOHqLd6i7u88n9ZDzfpR1rH1LdzRiBSle7Z-NxyH53w_CVmvIHBuY
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 523cdc2d60f3b9e86b7d3fc0c5301710
.btolat.com/ Name: _cc_id
Value: 523cdc2d60f3b9e86b7d3fc0c5301710
.btolat.com/ Name: panoramaId_expiry
Value: 1707497724715
.btolat.com/ Name: panoramaId
Value: 37a5f7c098710ffd6cc11ed736e6185ca02c916be30a6d5b7cfd4b92511c9033
.btolat.com/ Name: panoramaIdType
Value: panoDevice
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.udmserve.net/ Name: dt
Value: 080934C2-0B38-38A0-9677-D519F6B3687C
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.casalemedia.com/ Name: CMID
Value: Zb0efTu-dPNc6QdaKXrLOwAA
.casalemedia.com/ Name: CMPS
Value: 1300
.casalemedia.com/ Name: CMPRO
Value: 1300
.pubmatic.com/ Name: SyncRTB3
Value: 1708041600%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: E28F8E7B-362B-4CDA-92FA-1E4DD984B733
.go.sonobi.com/ Name: __uis
Value: 4c4e4dda-0033-44eb-9fdd-e32c1471013c
.go.sonobi.com/ Name: HAPLB8G
Value: s86125|Zb0eg
www.btolat.com/ Name: udmsrc
Value: %7B%7D
www.btolat.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.btolat.com/ Name: _sharedid
Value: 65afe824-5e0a-415e-bf9c-5eca7da6782c
.technoratimedia.com/ Name: tads_uidp_16
Value: 1547975003335
.technoratimedia.com/ Name: tads_uidp_37
Value: c9ebc201-b3f1-3f79-b625-ea22bf5f41cd
.technoratimedia.com/ Name: tads_uidp_44
Value: LK993YFP-12-KN2K
.technoratimedia.com/ Name: tads_uidp_45
Value: A6016292-7C09-4AAF-B0D3-62E359EF2284
.technoratimedia.com/ Name: tads_uidp_46
Value: 3714675735289733798
.technoratimedia.com/ Name: tads_uidp_48
Value: d25fe073-ef08-44b5-936e-519782a87488
.technoratimedia.com/ Name: tads_uidp_49
Value: AQELzpffUGPhSgF89Hk7AQEBAQE
.technoratimedia.com/ Name: tads_uidp_50
Value: b9399840-030f-0e6c-098e-9b5fdc964725
.technoratimedia.com/ Name: tads_uidp_61
Value: 212211626104821
.technoratimedia.com/ Name: tads_uidp_62
Value: 3327441908094430000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: kzlzfZ0ea0ScZ2w2pGLX3VYw-PZPYrat
.technoratimedia.com/ Name: tads_uidp_7
Value: ea926551-952f-4845-96ec-ec08a9393564
.technoratimedia.com/ Name: tads_uidp_70
Value: 1674043991941-957306093047-001464-009-005972
.technoratimedia.com/ Name: tads_uidp_73
Value: AAAJE07LejwAABNNt9bwLQ
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-7c3f386d-d811-46ac-a7ac-c2cadde0fd74-005
.technoratimedia.com/ Name: tads_uidp_77
Value: qj_RdmOZWTy-QpWW3bff91yLLPWfGyWMPRTR958z41w
.technoratimedia.com/ Name: tads_uidp_79
Value: 2a22dcc8-e173-4495-84d4-1b70c299e3a2
.technoratimedia.com/ Name: tads_uidp_80
Value: y-7PHRNbtE2uHRdgkmGi8e186xAirRX4e5~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZLds-Pkrw-mgXv8Ej1607AAA&2354
.technoratimedia.com/ Name: tads_uidp_83
Value: ELWDeiSWkKiw
.technoratimedia.com/ Name: tads_uidp_88
Value: 3618999737689635052636
.technoratimedia.com/ Name: tads_uidp_90
Value: 62420b2c-93b6-4958-86ee-d0a539a95879
.technoratimedia.com/ Name: tads_uidp_91
Value: 6493335838109300398brt76151639261561881074b6
.technoratimedia.com/ Name: tads_uid
Value: 5E15D2A62FC44EC58D52C87AC88A86C7
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230719045631+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1693142250488
.yahoo.com/ Name: A3
Value: d=AQABBH0evWUCEMK2cMr0a5QOSA6etPssL8gFEgEBAQFvvmXHZdxH0iMA_eMAAA&S=AQAAAjtnWKR1oKmjjPSqqLtU7q8
.udmserve.net/ Name: sonobi
Value: 4c4e4dda-0033-44eb-9fdd-e32c1471013c
.btolat.com/ Name: __qca
Value: P0-1920870301-1706892925173
.btolat.com/ Name: FCNEC
Value: %5B%5B%22AKsRol-ISXrmJuBJyxuPn_ovVHZmxHNPHotstdg79ag5ZKUKNTPcAB4mUupv1VYX2GeYmA9o7CNNo4DTVzpSb-Y5h6IoEQP1WQ8IcLdzgo-VykuptE0GBVJTirZo2XG59HV8NGzXfGF85FoEZGArxnsTT88NxI7hOw%3D%3D%22%5D%5D
.contextweb.com/ Name: vf
Value: 1
.contextweb.com/ Name: V
Value: nMd6j44VAmFR
.contextweb.com/ Name: wf
Value: 0
.pubmatic.com/ Name: pi
Value: 156505:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.udmserve.net/ Name: sncr
Value: 5E15D2A62FC44EC58D52C87AC88A86C7
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.udmserve.net/ Name: yahoo
Value: y-cIk61JpE2uIufrLyEHierO6tC1w5nRle~A
.openx.net/ Name: i
Value: 65afe824-5e0a-415e-bf9c-5eca7da6782c|1706892925
.udmserve.net/ Name: magid
Value: LS4VZ6EH-1C-750Y
.mgid.com/ Name: lmg_usr
Value: 54b342e9-8025-4e0a-b3a2-67c771470ec9
.mgid.com/ Name: lmg_r
Value: 24
.udmserve.net/ Name: pmid
Value: E28F8E7B-362B-4CDA-92FA-1E4DD984B733
.quantserve.com/ Name: mc
Value: 65bd1e7d-59227-ae44b-b728e
.udmserve.net/ Name: mgid
Value: 54b342e9-8025-4e0a-b3a2-67c771470ec9
.adnxs.com/ Name: XANDR_PANID
Value: 1aUOgnktePXRzSmFPLqE64YIGb_GvbIjg35Of8R_2-MumsyBEZRfuGQlpUdhxm-7DipwjZrPX7QJQFhisNTUYXpi15raL6GzOqXqstmT46E.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 825646077963916831
.rubiconproject.com/ Name: khaos
Value: LS4VZ6H9-1A-F8LC
www.btolat.com/ Name: udm_edge_floater_fcap
Value: %5B1706892926015%5D
www.btolat.com/ Name: udm_session
Value: 1
.udmserve.net/ Name: udmts
Value: 1706892926.0
.udmserve.net/ Name: apnid
Value: 825646077963916831
.udmserve.net/ Name: geode
Value: "63831660926:96.9.249.45:840:C125:D538:S33:us:rochester:New York:14618:wifi:hosting:?"
www.btolat.com/ Name: udm_session_rad
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Zb0efgADG5EzbQBI
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=58768FDE4AF7A5"
.demdex.net/ Name: demdex
Value: 42351293739326020244524637065098692560
.viasat.demdex.net/ Name: viasat
Value: 42351293739326020244524637065098692560
.btolat.com/ Name: __gads
Value: ID=d9422c23ebbf778c:T=1706892924:RT=1706892924:S=ALNI_MZbb9mOUaZEiuzMTCAUlQZj3uSvRg
.btolat.com/ Name: __gpi
Value: UID=00000a0aa43fb459:T=1706892924:RT=1706892924:S=ALNI_MY2nu-TroyGXct9HWuewsMZ9Y-DiA
.btolat.com/ Name: __eoi
Value: ID=e2ec490d2d49b64d:T=1706892924:RT=1706892924:S=AA-Afjae1oFr6ZFdQB2GLLv4SBG1
.btolat.com/ Name: _ga_8D6S73ZBHH
Value: GS1.1.1706892924.1.0.1706892926.0.0.0
.adsrvr.org/ Name: TDID
Value: 726b63e6-02f2-4558-b267-64b7d0483091
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCLKLkqG5htI8EAUYBSABKAIyCwjY8urNz4bSPBAFOAE.
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.analytics.yahoo.com/ Name: IDSYNC
Value: "19di~2gj4:18vk~2gj4:19e0~2gj4"
.bidr.io/ Name: bito
Value: AABSlE7Lej0AABNxUayRiw
.bidr.io/ Name: bitoIsSecure
Value: ok
.ipredictive.com/ Name: cu
Value: f03de5a0-48d6-4d56-ad47-651eff7d0127|1706892927788
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: 7a34a586-7d03-40dd-8d72-878e8a9cf76e
.prebid.a-mo.net/ Name: sd_amuid2
Value: 7a34a586-7d03-40dd-8d72-878e8a9cf76e
.linkedin.com/ Name: bcookie
Value: "v=2&44c7a7ed-342e-4dd4-8ab2-72a72ea9f265"
.linkedin.com/ Name: lidc
Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2979:u=1:x=1:i=1706892927:t=1706979327:v=2:sig=AQHH1cLfXbL3swApinbpkH-66Y5fKEiH"
.hb.yahoo.net/ Name: visitor-id
Value: 3498945276634951000V10
.hb.yahoo.net/ Name: data-mag
Value: LS4VZ6H9-1A-F8LC~~63
.tapad.com/ Name: TapAd_TS
Value: 1706892927822
.tapad.com/ Name: TapAd_DID
Value: 66c08020-1819-4866-abfc-bb3ef83b1278
.connatix.com/ Name: cnx_userId
Value: 8eea4f7e03564978ac45dd3fe563efcd
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.primis.tech/ Name: csuuid
Value: 65bd1e7fd6b33
.intentiq.com/ Name: intentIQ
Value: n5Yvn0NDSO
.intentiq.com/ Name: IQver
Value: 1.9
.amazon-adsystem.com/ Name: ad-id
Value: A_I7yDu37klAl9dfKWBAidY
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bGEHNTnVAtx8FYvo2XO8wv+z0QnGM0pmGR1n8s9Vhf95mf1lK2PPtOuy5nf+NueFKoyW6sGL3p6ruBxGCOXoSK1PNDZupj/PjCyqVI1k5poNA==
.intentiq.com/ Name: intentIQCDate
Value: 1706892928172
.intentiq.com/ Name: IQPData
Value: 1611266349#1706892928171#0#1706892928171
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZVMzlJbUJa
.intentiq.com/ Name: ASDT
Value: 0
www.btolat.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22726b63e6-02f2-4558-b267-64b7d0483091%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222024-01-02T16%3A55%3A29%22%7D
.33across.com/ Name: check
Value: true

389 Console Messages

Source Level URL
Text
network error URL: https://www.btolat.com/assets/css/site.localhost.adsCss.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://btolat-com.cognativex.com/cognativex/cn.js?v=2024-2-2
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security warning URL: https://bid.underdog.media/udm-r3_v2.23.3.js(Line 4)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
worker error URL: blob:https://www.btolat.com/8bfa139f-5c1b-4b13-833c-5ec1d9ee8d55
Message:
Mixed Content: The page at 'blob:https://www.btolat.com/8bfa139f-5c1b-4b13-833c-5ec1d9ee8d55' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.btolat.com/8bfa139f-5c1b-4b13-833c-5ec1d9ee8d55
Message:
Mixed Content: The page at 'blob:https://www.btolat.com/8bfa139f-5c1b-4b13-833c-5ec1d9ee8d55' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.btolat.com/8bfa139f-5c1b-4b13-833c-5ec1d9ee8d55
Message:
Mixed Content: The page at 'blob:https://www.btolat.com/8bfa139f-5c1b-4b13-833c-5ec1d9ee8d55' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://ups.analytics.yahoo.com/ups/58809/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://www.btolat.com/&pixelId=58809
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.btolat.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

19f7584d317e8845edeadf9f800ce01c.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad-events.flashtalking.com
ads.us.criteo.com
agen-assets.ftstatic.com
ajs-assets.ftstatic.com
bcp.crwdcntrl.net
beacon-iad2.rubiconproject.com
bid.contextweb.com
bid.underdog.media
bidder.criteo.com
btolat-com.cognativex.com
capi.connatix.com
cat.va.us.criteo.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.flashtalking.com
cdn.izooto.com
cdn.jsdelivr.net
cm-x.mgid.com
cm.g.doubleclick.net
connect.facebook.net
connectid.analytics.yahoo.com
csm.us.criteo.net
displayf-tm.everesttech.net
edge.udmserve.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
hb.yahoo.net
hbopenbid.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
imageproxy.us.criteo.net
img.btolat.com
invstatic101.creativecdn.com
lexicon.33across.com
live.primis.tech
match.adsrvr.org
match.prod.bidr.io
nh.iz.do
nhwimp.izooto.com
oa.openxcdn.net
pagead2.googlesyndication.com
pahtuo.tech
palibzh.tech
pixel-us-west.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
playtime.tubemogul.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
px.ads.linkedin.com
rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net
rtb.va.us.criteo.com
rtd-tm.everesttech.net
rules.quantcount.com
s.acexedge.com
s.amazon-adsystem.com
s0.2mdn.net
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
ssc.33across.com
ssum-sec.casalemedia.com
stat.flashtalking.com
static.btolat.com
static.criteo.net
statsf-tm.everesttech.net
sync.crwdcntrl.net
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.technoratimedia.com
sync1.intentiq.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
udmserve.net
underdogmedia-d.openx.net
ups.analytics.yahoo.com
viasat.demdex.net
www.btolat.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
btolat-com.cognativex.com
104.117.182.208
104.18.36.155
104.18.41.104
104.36.115.111
108.138.128.28
142.250.65.194
147.75.198.144
15.197.193.217
151.101.130.49
151.101.194.49
162.248.18.32
162.248.18.37
172.64.152.89
18.173.219.12
18.208.240.47
18.64.174.12
198.148.27.131
23.1.197.91
23.48.224.142
23.56.162.52
23.56.163.106
2600:1f18:4e9:5a02:c3c0:c85e:6285:3c96
2600:9000:21da:e000:5:c4ab:c3c0:93a1
2600:9000:21dd:ec00:6:44e3:f8c0:93a1
2600:9000:21ea:7a00:10:dd8:5e40:93a1
2600:9000:23cb:d200:1a:5235:f980:93a1
2600:9000:26fa:8c00:1b:6b7d:2300:93a1
2602:803:c002:200::32
2602:803:c002:200::64
2603:c020:400d:3000:b5b3:7157:5b47:80e4
2606:4700:3033::6815:5ea5
2606:4700:3035::6815:5277
2606:4700:3038::6815:eb96
2606:4700::6811:3763
2606:4700::6812:d841
2607:f350:3:2569:0:10:0:d
2607:f8b0:4006:809::2001
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80f::2008
2607:f8b0:4006:816::2004
2607:f8b0:4006:817::200e
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81e::2003
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::2006
2607:f8b0:4006:824::2002
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::9
2620:116:800b:21:c1e8:5385:5098:6bf0
2620:1ec:21::14
2a03:2880:f03f:1c:face:b00c:0:3
2a03:2880:f13f:83:face:b00c:0:25de
2a04:4e42::485
3.225.218.10
3.225.68.245
34.102.146.192
34.111.113.62
34.149.20.76
34.201.247.102
34.96.70.87
35.244.159.8
35.244.193.51
52.23.212.13
52.46.130.91
52.71.32.125
52.73.58.116
52.87.41.151
52.95.126.138
68.67.160.76
68.71.249.118
68.71.249.120
72.21.81.64
74.119.119.129
74.119.119.147
8.2.110.161
8.28.7.84
8.39.36.142
8.43.72.97
8.43.72.98
00760f0f99baca15aee36219035d322b28a51c435c1576984a4cbaeeb9484814
00fbc73f4e68d34a100f178839665e9925ca33e6838a3972eaba95c9b7c88352
00fcd208be9dd06d82b38bfaa8244c5f0cf1e54b8c6c3223b40f75ac4f05d0d4
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94
062e7c29b1c3e36f8684e7e298346efe23cd760daf282103361b0645d843c686
06a5906acf4db557646d52372985803b866900b2827c64b16b0d072431165232
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a935bcb26d17b1f20321b7c5e101597e8288c386b3e007778b5675a3fd032ef
0b59c84236e1aa480f6e46307bc58e447153f649c3e78390495b1ae6ef08730b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cca105a0c09196e6f90934724a2870903f11f52200da693f399155a5f6ada8a
0cdd47bfd41a0594e0c5fd574e5f5900a47c84b9aede689bb796efc0dda0baa7
0dec7133c29e2c418f3db9eef76c0c6572c72c4a4501501e491830e00a3baa70
0ec6f2a376e33e43dd0ac32946a6fed1e1b865f258886da1d1d8aa800ad4d694
0f9f01e8064d566684054758dfdc481639db181059c52549866e99e37ffe1ed0
1078d66bc3cd244ab4bc95bfa443adece79dd54de00d92c1bf5408b4536635c5
11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74
1279a84a31304fd59003415a30d0dd7e6d4a67d6b5f65afea49f5b9912bb03e5
12ff2058952e6a9fa814678a87619d22a5544a904ed06a01158da0f066db5389
13a156c86ed514513047e9d4ce4d486466aaaa0775e3064677f5a3c8809da2e6
18bd1ef4da7ae613a8f15e6de33181f6697130509dee479488cf87bc68c33d0f
1ab465db07b3c68f6a87bf94194e8a4c0df8afc4be157fc670189e36e7355382
1e91e06c06bbbb021a7a6b87c9b1e01d2fa18f16de16e30e1a8a5c8b9a2b93db
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
208e5d881a92d84ae1c0e296c5bafe669ec7ac8f87ede263ff5a84de441bdb55
23c7382cd0c416b60c0664ec0443947e42abd1e9723db9458987c16ed86f2719
267bcaa6d5c8b423764b143f8cc0d50986cc404efaa6b38deb9927d7a01460d8
284e5a3018a69056c0a110ba83169175824f7b677a342d006b463ba29237a8ee
290ee15eacb8b58fc7928de2588910d1a5ed2f868b5a178bb0fbf22b2d17271a
2c4ff85d4acb13ae166c4eca2d71cef262ef6a06c3aa75dce78d66f56a7040eb
2c765616d0bb062058d466d27b37704e0478b15d3e0f35d1b4e32a2cccde8d2e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fe101c0179046604a21b2762c7e7e44d98646267727910c9fb30383eab3302e
3123c0416aac4344d7de8e6921ef7c094989473880893f50ae5cb9e74c63c612
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3207350ac2167aaed31db10ac9fc379890bcdd4bcbc1528e0e96ece7a03615e6
32856bc4de87892e7671ba2248927affca75a631b5dcd006d110dcf6e67d8b5f
36726fd194e9e08908bb49a382c3fe0b70ee41d480b09869b5aa70c81fcabe7f
37cc46a339a99df831a46660024db89cf62243b8259093395130ee189b9baf7b
38b93a380a25062cc97b648adf99e681b5f5ac899d618e4e5138a8fff0d8e581
3aba1085fe27cf78f0c318ed85f70354c5e387b40376ec90cbfb529040c4aa4f
3addac1f8a8aafd8db0c71e77ae8fe1e029c4a6c2ceda391b26236500d5507d5
3aeaec26604150644eb721e54cb1c089e1369b825e6d2dee9f1d84d58cdbe586
3c1195fdef981796930b67be17e052c2c7541131a55717fb1228cb029ce8ddfc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eb739d67ac21cf2a3a4c877356d005501d2c65e180f29e144960b9ee49dd739
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
425afa5a758ac7408f7677c02033109b8a1845a79fa2b74caadf227ee9a5e96f
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
448d631ee06f79f0281913f71dcbd540551f7e274d9f6da67d6cb04942f371ca
45525d7344ce66396376e0d74934921bd1249227825c9997ed3753bef99997cd
4588606b9e1bc0f5fc5166c9c48a1ed9ef188c0fcbe16a7ef3e5c9dcd6e996e8
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
45ab87506d84558242990d81fcad9dd508df6719f60851edb6765ec8438a3f13
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46c82f5a01bae64f72f59003f7fbb4122724c7616016c44a7869457ff27b07ea
474cea7f3f466424de9bae50f66c078ea836427bf55c23973bfdd194ed125891
4ac4a6f24597e0c54ea470d7d72885058016eb8e58e9e2e3b94882adc0a18619
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef546db08af45181e73c6a623bd2f6d4eca7958e8f4db46e887bfa2ba74f28f
51c5675052d719ff74135a4f82c1198fff02f275949e31a660266c43063d5bca
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53bb09934363bf519fad500cb24f9acc2b45a1b5169d6478ceb64c740b2cecc1
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54c1a25253037b8fc09581dfda4ad014dc58be1eedba99d189e2b9b270270707
54ece55bf509d7ea07fb4a78c2d1273d5267fee86cefc14b78e495e8ce12f3eb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5871174e0b2816ab64e1819e8ba696cc4e3620cb439d82e3b69ef2352737b4cd
587c080125b135d29a931ed371e50ffc1a9641831c1087de2cd74532815f4560
59289e96a9b37e4668081ef40bd08bff0af822699ee8a23b8c8c1424f5717720
5942eefe94f05d709e07d3370bcc6f18e29d455239ebec6f820a4a308b6cbfba
5abd4d592ab3d6008cd901ad585957239465c51270c75d7ab782d3ff5e243165
5b38a128b788add8d752869a015b0af2811a42bd192c575b972fdca350db821d
5b9110f4a676d82b42d6b9c8d5ce8dcb0e6e12b0bba2fe48797a7dffa035d164
5cb3d6eb9c192f0339126dc9290c8cdc286512f79318d9a6e5033b2ebb93e8cd
6012d737070faf0fee1bc56da6c9dc9e63ea8e49efab3ac19182b7db3a41d4b6
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63543ac611ea6e2eb8736a99f1da779b505e28d1f5765657eee15b3c500c375a
635b2462bbb926bf5b5e1dfb2287e7886ee8a11bb41f24773a4a885e12041636
636d68e98abb3093d409eeffa6710155c12925357e2899b8babded67b8ab4d3a
642584db0078109f64eea4c2373a14252efe1015b1c649eaa2451798fc539a9d
643fe707091c6e32630daf29adabf146aea6096d30af0367bcddbe54c19bcad0
64c574e4b4b9aec5ee359b4cec763a4ecb125b18e0d6cdc6c75e14239bbefa03
663a877bbee16a7a3d457d63b6ce5bb8c567942e558742c3a116687897460cec
66903d7fc339c501a29476768b01da8f7e3016190a5fa7a8138762aad6c6f9a7
6710064945af4199af73e654a6db6c34bcd53b9420762dabb09a2382b343678b
686e660739424dd896e22f46622a30e963c89df24864933df2a586ebfd5cacfa
68f33dec93b3fbcce8ef912d1e754b1d195e90120ab867132b9c43706151ef24
694862fded68c26a6d846df4aeaefab129f532681e387581707ba132837ffbb5
6a486fcb39ea8e7a6c1d64bf56bcd117aa63a9971e4e248f2fe240a1a79f56a6
6ad70f36f63dc51313fbaa3178e3e347de8774f1096e2f41bafd5968d628823e
6be3691a31a8a23215b3ce32e0ab14b3aafcc24582bcf3a89f24696c9175ee54
6c940acb0bb5d4c0e39c1e6adb8ded26fceab274ae0708283ad3c5e7269bae7e
6cf3905f34060d87775e6010bfcda5aeed37becceb1d7229196ea8e8501a7c0a
6e6304cbc6414b8f0e4ac98cbed84e091de6b35be714ac116895d8a64eb66171
6e874111442f36d488f5e4a7f742391a8c02b70c60b333454fe4f85a3b26e3d5
6f37cc32c3fd02c1228e56d5e83fb828af5a4fe324eec4ae0a970ec8a4f4434c
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7261a095f6a950e9538bf928b7317e430ae3e93df8f71adab790d8c2426f8db4
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
758a849ace3f8da872dbe66c1f7fe9de5bbf161ce29e54686a0a5af46a2ac74b
7725cc66bee1451a28d6dd9b81791ce531ee8bd369b3f0584b7d66e7aaed1040
7748697feef3673174ea48e0be59ab9a014d4fad4ea826c9e5a0975e6e8ba2e2
7a2681dab2f9ff15961d78a6b6d0023c6c7746511fdf4413e497c9ce88572ff9
7d92cdab826eaf9fdae90a61cf8bf1048ece8e2515ed7388513180c78d408f5e
7ef57e3b68e991e7f960f5d5a82a179d01df0ca2dfcfc5919496610b1f112bd2
7f478e0982569b51b6cf2a2596a4509e9e473ab3fd0bc5b149dc69d73fd01326
809e42776eaf995aa904055e1262fab049761974508b1aae40a1bf38d1de12f0
8493c6cf1a3cccc307d4067c48cf0c09e1d6544ba654f034fe7b83f8dc2b4ad2
84bb6777670ca188fb6a7d6298b367e96e356e00a34c9af3c8e66c1e949601b5
88211f1be0b9c592df15da542b4cedc1acf3b32caf4922bb4e9a18e74870311e
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
88dbd445a9da748d92e5c6377c32a461cfb02bab123007b08241ce50af040889
8b1d19cea7be46f8a2330c4e33f66b525f2f864c3f3d9e326ba0abfcc1bdcab1
8b24eb20b9abcd601a50eda7b7bc9853684f7895f9ae27fb2ff1721f555dd35b
8befb2da354d7f317a1d148773743125635d00d5488bae27835566fb4cb253f9
8c66f4aca2010db9ea45505b5f0ff0a67dfc576ceb36377901474e2aa8e5c34f
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8fe25e08fd7edd50bc59273ccf05a9909fc1124e942effeb467fb397339db22e
8fec884d02f6b4e88e58427e9d360203f891b4bd17d5f67c2b0bdd2d1857f388
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
92808cb8119ca72ac647affe1d65e04bc4c2e68130868e0e3f719f7caa13ac9a
93f9cfc256c67adb11cc3e56db2fa9073bc5b737a705c98ec861746625f4360a
955b9fbfeb7198dc28f0c7063877ee7b4902dd93253c6e3669764935de9c27c0
976874c659c57019b3aea59421a6b09746551c14bb0348b695b3138f2dfd9e5d
985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06
987276ad08d30939966de1f4095ae854f1b897a4b81004aa6ca73f52db285e66
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9b8fbe907b42a439b29348b6b808725467728ba8df78726254369df21cd276ea
9d8552f58c3962ffc54bed6f9a348c2b91b8d5fed219411a49cffa67baa5bbee
9f6bddf865d5b90bdeb56c1e4316f8be0d5c7fbe8f096554c910984e73a21efc
9fa71e7467f5753851c8f894900ba191f21f8d91ee1142e8a4b766010928f01b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a26256a8778601e660015386ca9f60bb9d6ac7f82919ac481e59e13b95c66b91
a29e3a217c41e7f7c4dc7c1c7db1a8ef16295c610d943b82c422b1a735897fb8
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4717f9986c8abf277cf26fc9ceb308a048ce5956b06fdff4f0e64a4cb55a9fd
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acde836d82e608c61639d2c49a6c228e3381c828a75f3592ab324228d7294911
adace4e09bd5c7096f2ebff170772d59178a6be1422ee74e67e4188b8e6b9668
aec396661c156428b535bc07b917cdc290218b7226ccafeb6c971c714cbfaec0
af6e31eb51393c67a65b952cc73449bfb19f60270cdba7c77a00f79243695405
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3333bdb28bf79584e3d9cf65fd2a59df10ba444511bbe58a3a56cce39dab724
b3878d13a99341ea76a01f302cafdeebc46c68a7f7aa19147082cbfb982bff9c
b49c6d520de3d26aef1c81662067c909f9c07a0a6ecbde2ad6be85d818e3ff68
b578f923c6d2826feabac2442d3e73f201f56f8d3d22235e42c0ea8dbdb96a77
b6592044a6fe7196d2c94fd47b47174b82af18d8a4bd3d1c7e8326663d506a4e
b81180d6821e8e0b339b3d679f77ea235b66a9d24d3dd2e845b66d9fd5e937c4
bc4a57972a6fb41be74088626646b9c1c02b8be5cb2142f4fdda77a3693ca96f
bd40c1c311037a6e5c8bf7e1b43b412a14f2a7806e5d340125ea46802852ff73
beb00a215efa07f175d2da5d59bea3578ae9c67b1699cea139ee9f4b44e53a6a
c053296a9992bdff00722df969399ef088f8cc97b3c61811d94fde5dcb039967
c07c689ee7cee412664dbdf0a74f744c97afdc56a7233719651f000d927bd96e
c09919f06ceb799754bfe3810c1955cb270dc433e8eebe6c55ffac70db4b732f
c18d5bc93845dc3a04c0262d9afa91dfe91212635381a94702c7ea30f412f9e5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3197782721b8b7d31dc092b4c7536e568703fea6445dd489808ff42cb597421
c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c5dc5eb5a1c1047fe35716d547f786b2e6dab88eb710055dd6e17fdd67905ba2
c768a151beeba737f6bdcafecf755cacdcedc0addb237da840766f826567deb1
c7eb3e827edb98d53070f7e82665b5a13fd7b5293d4c8c22653571836c4a3867
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c808bf4e508bd7d8852a7ebaf2cf1e857dc4fcc883f90f3844a014ffb49bf3ab
c9a154981209d7542f36896441213e446e902e35164853363425574ec9fbae0f
c9f4b63d228f8bbc5c1347c7b36fc86101aab33627dcd2a770023235b1b27b10
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbbabf32ca01dbb0beda9a574acb9602fc4728afff9b9eb5a51aa92b0a889981
cbd7cad8837207f238d026b3845e11853660fa5b179a6c96b55d0821ab5fb741
ce462ca9cead618103382778ab4de741afec15d84d4a5bbc2f51276a2cafe5cf
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
cf23098d0dceb8591e215a9ad2fa5a9c515b7c8e6877c1d0d3ec49b3d81231ae
d19c87e85872d6887423a9678b920c857c2ee69b771159374406af5e882bd99c
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
d443235c5040b9e5a2461f69bcef0930f5820c356830bb0c59a4953d16f8a59e
d79a688e4e23466eeee3ab0d7d3a99a0588b1aa1c7ae0f4fedfbd498c9022eb4
d7a62b14778a5e0ccf6040168302eb509cdf9d1a0e8f7f025f7f542efcbd2d48
d96e44e1a76d557cdc349d7fca20de807afa97afebac848a0cce8bae4360ff29
dacfcdd514b5150ac58816996e0a304b5ee2b364d8aa8eb997331aab5550b7fe
dbe40f03a995c1b1006981f2208e8724282149fec7fa3108bc30e7c0283cdc4b
dc719b2398bf4180d048904f5c37006183bac05f2d152df0795aab4ced853b7d
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
e1f09559b8040f17c7c235c8f68f715d98e9d7db0fa7892b370183f34b111554
e22cf2d03790bd796ac7832bd144ff64bd4690eb623e1312c2a35223e0fdf651
e2ef13b5c1ed2e49541d3022b03af51f5c4d9ce2216765d0b2058ac38c38e115
e30d6717652f18a09e428f20e56b75edd6b4df7507630c4a874bf86e01fefc8a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4328d7fd75e056c121030d8c8784560c9e0c442e07485d6c29ef849fa675a1e
e52ec989a1ef0744bacaa597935b7c107d84669815441823f52aae026af38fdf
e54a626a26b060dc463c98d3d747faa7172b131cd69f01275edaab4763dad146
e5aa69fd3c341b04a38c879eb13dc28096b25f97cd06dee8f7894b51e5eb106c
e7ddb1508ad90820e59e2e7a0c696c1fb89ec9d1f37cd29306116435c1140a0e
e8149974af3c8eb4f9ef91d6c686f255ea1b3a061b077584a729bafb4118ec9a
e87644e84a33dc50bfd9966a34164d76e0f6548764f64038030762643e1a4bd7
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e92f36645eb1ab6563e9388e3330555862b3b120edd9190890f8988af3edd4ad
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267
eb92a0b611a67f6017cbe3e9541b673c165939913a07b0801ae9362926b64e08
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed2a53d5bb62c4a5fd27f95b19c5a1cb435c486ca21ed8515cb8398305163598
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc67378ced29a88fbc6b164f6692b38ea1223baecaa63c08ca11e4c38a7a1c6
f06f40eba9a86a026036462084bee29b78224fb6aeb84ffe1f47dd147c72352d
f1f0630d276906acb1f05d62ef73e563bb0eabbdbe54e453884c1673c9e4af45
f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f65badbec7f23d1a92fa71089f249aeefbd86dcd3022d5fb126539a73622c806
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9a5dcab9c4f4abd7b573c15c8e645ed53d3108e09c4e4253ddc1fba49d6c34d
f9b132529090980e330ae6f6b25043a84b9267589910a7dbf35517ae49ef58b0
f9e22db78aa03c8980912c119cc29ec9771133a1cd8aae89840c23dbc7fc5606
ff086d4f685c26a98ce7977c05c2d6be61d6a976a1af24f21d8a81820af6d67f
ff26965bae8d1fb7af3d8bbeb3274909f376b1c497972e4499b05542c767b129
ff3ed8cffc4a8a75ccb87e3319fba86e649611961e1592ceaaac4863db2152bf
ff66c7021cb249375c8249c2a22f7b78a907d179a42f510de3acd707b44b4d6b
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995