urlscan.io logo urlscan.io
SecurityTrails logo

nationalgeographic.grid.id Open in urlscan Pro
2600:9000:2315:1000:2:9944:c5c0:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nationalgeographic.co.id/
Effective URL: https://nationalgeographic.grid.id/
Submission: On December 16 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 111 IPs in 17 countries across 82 domains to perform 552 HTTP transactions. The main IP is 2600:9000:2315:1000:2:9944:c5c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is nationalgeographic.grid.id.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 31st 2020. Valid for: a year.
This is the only time nationalgeographic.grid.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.213.181.211 16509 (AMAZON-02)
1 2600:9000:231... 16509 (AMAZON-02)
1 11 142.250.184.226 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
22 13.225.87.52 16509 (AMAZON-02)
1 79.133.177.225 24429 (TAOBAO Zh...)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 18.136.93.127 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 2.21.142.98 16625 (AKAMAI-AS)
6 108.157.3.184 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
5 2a00:1450:400... 15169 (GOOGLE)
1 143.204.98.33 16509 (AMAZON-02)
2 2a02:26f0:de:... 20940 (AKAMAI-ASN1)
2 143.204.98.80 16509 (AMAZON-02)
5 20.43.132.130 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
32 49 213.19.147.44 26120 (RHYTHMONE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a02:2638:1::3 44788 (ASN-CRITE...)
5 185.64.191.208 62713 (AS-PUBMATIC)
5 185.33.220.217 29990 (ASN-APPNEX)
1 185.86.138.122 201081 (SMARTADSE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.248.5 16509 (AMAZON-02)
2 4 143.204.98.87 16509 (AMAZON-02)
1 143.204.101.199 16509 (AMAZON-02)
1 2a02:26f0:fb:... 20940 (AKAMAI-ASN1)
1 143.204.98.96 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 13.224.189.21 16509 (AMAZON-02)
1 44.239.18.79 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 104.75.89.75 16625 (AKAMAI-AS)
6 6 18.196.241.128 16509 (AMAZON-02)
1 1 47.252.78.131 45102 (CNNIC-ALI...)
2 2 23.88.75.188 24940 (HETZNER-AS)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 185.33.220.242 29990 (ASN-APPNEX)
5 5 185.29.134.248 30419 (MEDIAMATH...)
4 4 151.101.66.49 54113 (FASTLY)
4 9 3.33.220.150 16509 (AMAZON-02)
3 3 104.92.74.8 16625 (AKAMAI-AS)
6 104.117.200.100 16625 (AKAMAI-AS)
2 2 44.193.191.16 14618 (AMAZON-AES)
3 4 2a05:d018:d29... 16509 (AMAZON-02)
1 1 198.148.27.139 19189 (PULSEPOINT)
6 19 2.18.234.21 16625 (AKAMAI-AS)
2 4 54.236.214.209 14618 (AMAZON-AES)
4 4 2620:116:800d... 16509 (AMAZON-02)
20 55 142.250.186.98 15169 (GOOGLE)
5 185.86.137.17 201081 (SMARTADSE...)
5 185.94.180.123 35220 (SPOTX-AMS)
2 35.244.159.8 15169 (GOOGLE)
1 20.44.221.77 8075 (MICROSOFT...)
2 178.250.2.131 44788 (ASN-CRITE...)
2 2.21.111.28 16625 (AKAMAI-AS)
2 119.81.192.141 36351 (SOFTLAYER)
1 18.184.229.226 16509 (AMAZON-02)
1 2 34.96.119.68 15169 (GOOGLE)
1 1 172.105.221.29 63949 (LINODE-AP...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2 52.46.154.242 16509 (AMAZON-02)
5 10 185.33.221.91 29990 (ASN-APPNEX)
1 1 35.153.248.18 14618 (AMAZON-AES)
2 63.251.232.165 29791 (VOXEL-DOT...)
1 2 54.174.249.39 14618 (AMAZON-AES)
4 69.173.144.165 26667 (RUBICONPR...)
1 69.173.151.100 26667 (RUBICONPR...)
2 185.59.208.177 43541 (VSHOSTING)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
55 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
19 2a00:1450:400... 15169 (GOOGLE)
39 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 178.250.0.157 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
2 4 52.48.8.1 16509 (AMAZON-02)
4 3.248.66.137 16509 (AMAZON-02)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
12 142.250.185.130 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
2 2800:3f0:4001... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 64.233.167.154 15169 (GOOGLE)
6 2600:9000:215... 16509 (AMAZON-02)
37 44.235.57.160 16509 (AMAZON-02)
3 3 213.155.156.185 1299 (TWELVE99 ...)
2 35.227.252.103 15169 (GOOGLE)
1 1 2600:9000:215... 16509 (AMAZON-02)
4 199.187.193.181 47043 (SMARTADSE...)
5 5 52.45.33.138 14618 (AMAZON-AES)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 52.2.181.154 14618 (AMAZON-AES)
6 178.79.242.181 22822 (LLNW)
3 185.86.137.114 201081 (SMARTADSE...)
1 66.155.71.108 13768 (COGECO-PEER1)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 66.155.71.106 13768 (COGECO-PEER1)
4 4 13.248.245.213 16509 (AMAZON-02)
1 5 66.155.71.150 13768 (COGECO-PEER1)
3 4 198.47.127.19 62713 (AS-PUBMATIC)
2 2 216.52.2.39 29791 (VOXEL-DOT...)
3 3 54.237.255.89 14618 (AMAZON-AES)
4 142.250.184.198 15169 (GOOGLE)
1 2 169.50.137.184 36351 (SOFTLAYER)
6 7 37.157.3.30 198622 (ADFORM)
2 143.204.98.23 16509 (AMAZON-02)
3 2.21.141.175 16625 (AKAMAI-AS)
1 1 54.73.238.193 16509 (AMAZON-02)
2 2600:1f14:b4f... 16509 (AMAZON-02)
3 23.20.27.65 14618 (AMAZON-AES)
2 3 185.64.190.79 62713 (AS-PUBMATIC)
2 7 185.64.189.110 62713 (AS-PUBMATIC)
1 1 178.250.2.151 44788 (ASN-CRITE...)
13 185.64.190.80 62713 (AS-PUBMATIC)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 94.23.171.206 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 2a04:4e42:400... 54113 (FASTLY)
1 151.101.1.44 54113 (FASTLY)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 169.197.150.8 398989 (DEEPINTENT)
3 198.47.127.20 62713 (AS-PUBMATIC)
1 2 51.210.112.63 16276 (OVH)
2 2 54.78.254.47 16509 (AMAZON-02)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 1 34.102.253.54 15169 (GOOGLE)
1 54.224.68.42 14618 (AMAZON-AES)
552 111
1    13.213.181.211 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-181-211.ap-southeast-1.compute.amazonaws.com
nationalgeographic.co.id
1    2600:9000:2315:1000:2:9944:c5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
nationalgeographic.grid.id
11    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
7    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
22    13.225.87.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-52.fra2.r.cloudfront.net
asset-a.grid.id
1    79.133.177.225 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
scripts.jixie.io
1    2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
delivery.r2b2.io
1    18.136.93.127 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-93-127.ap-southeast-1.compute.amazonaws.com
ads.gridtechno.com
3    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2.21.142.98 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-98.deploy.static.akamaitechnologies.com
a.teads.tv
t.teads.tv
6    108.157.3.184 (United States)

ASN16509 (AMAZON-02, US)
video.unrulymedia.com
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
5    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    143.204.98.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-33.fra50.r.cloudfront.net
stgrid.kompas.com
2    2a02:26f0:de::5c7b:b472 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
player.ivideosmart.com
2    143.204.98.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-80.fra50.r.cloudfront.net
asset.kompas.com
5    20.43.132.130 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
trabd.jixie.io
traid.jixie.io
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
49    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
rx-stats3.unrulymedia.com
usermatch.targeting.unrulymedia.com
sync.1rx.io
sync.targeting.unrulymedia.com
3    2a00:1450:4001:808::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
4    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
5    185.64.191.208 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
openbid.pubmatic.com
5    185.33.220.217 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 880.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
r2b2-emea.adnxs.com
1    185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.66.248.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-5.dus51.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
4    143.204.98.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net
sb.scorecardresearch.com
1    143.204.101.199 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-199.fra50.r.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
1    2a02:26f0:fb:199::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s8t.teads.tv
1    143.204.98.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-96.fra50.r.cloudfront.net
apis.kompas.com
3    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
1    13.224.189.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-21.fra2.r.cloudfront.net
certify.alexametrics.com
1    44.239.18.79 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-18-79.us-west-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
6    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com
sync.teads.tv
6    18.196.241.128 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-241-128.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    47.252.78.131 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
2    23.88.75.188 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.188.75.88.23.clients.your-server.de
csync.loopme.me
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
2    185.33.220.242 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
5    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
9    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    104.117.200.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    44.193.191.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-191-16.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    2a05:d018:d29:3601:f9a2:1d20:7db2:a370 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
19    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
4    54.236.214.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-214-209.compute-1.amazonaws.com
match.prod.bidr.io
4    2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
pixel.quantserve.com
55    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
5    185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)
prg8.smartadserver.com
5    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
kompascybermedia-d.openx.net
u.openx.net
1    20.44.221.77 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
hb.jixie.io
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
2    2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
2    119.81.192.141 (Singapore, Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 8d.c0.5177.ip4.static.sl-reverse.com
as.innity.com
1    18.184.229.226 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-229-226.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    34.96.119.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.119.96.34.bc.googleusercontent.com
ad2.apx.appier.net
1    172.105.221.29 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1875-29.members.linode.com
gocm.c.appier.net
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    52.46.154.242 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
10    185.33.221.91 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    35.153.248.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-248-18.compute-1.amazonaws.com
nep.advangelists.com
2    63.251.232.165 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    54.174.249.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-249-39.compute-1.amazonaws.com
um2.eqads.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-eu.rubiconproject.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    185.59.208.177 (Czech Republic)

ASN43541 (VSHOSTING, CZ)
PTR: webgarden-track-lb-ha.vshosting.cz
log.r2b2.io
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
55    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
19    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
39    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
4    52.48.8.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-8-1.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
4    3.248.66.137 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-66-137.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
2    2a02:26f0:6c00::210:ba0b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
12    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
googleads4.g.doubleclick.net
28    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2800:3f0:4001:81b::2003 (São Paulo, Brazil)

ASN15169 (GOOGLE, US)
csi.gstatic.com
4    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    64.233.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f154.1e100.net
bid.g.doubleclick.net
6    2600:9000:2156:4800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
37    44.235.57.160 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-57-160.us-west-2.compute.amazonaws.com
dt.adsafeprotected.com
3    213.155.156.185 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com
d5p.de17a.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    2600:9000:2156:2e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
4    199.187.193.181 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
5    52.45.33.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com
ups.analytics.yahoo.com
2    2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
apps.sascdn.com
4    52.2.181.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-181-154.compute-1.amazonaws.com
q.adrta.com
6    178.79.242.181 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net
cdn01.basis.net
3    185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)
eqx.smartadserver.com
www9.smartadserver.com
1    66.155.71.108 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
node-uk-aesei4.sitescout.com
1    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:4009:10::8 (London, United Kingdom)

ASN15169 (GOOGLE, US)
r3---sn-aigl6ner.c.2mdn.net
1    66.155.71.106 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
node-uk-raap3o.sitescout.com
4    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
5    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
4    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
3    54.237.255.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-255-89.compute-1.amazonaws.com
pixel.advertising.com
4    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
ad.doubleclick.net
2    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
7    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    143.204.98.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-23.fra50.r.cloudfront.net
pix.adrta.com
3    2.21.141.175 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-175.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    54.73.238.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-238-193.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
2    2600:1f14:b4f:4b03:4fa2:7755:ddb4:2837 (Boardman, United States)

ASN16509 (AMAZON-02, US)
ipv6.adrta.com
3    23.20.27.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-27-65.compute-1.amazonaws.com
adrta.com
3    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
7    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
13    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    94.23.171.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-94-23-171.eu
green.erne.co
1    2606:4700:3039::6815:c0af (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
3    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: pikafka-3.cloudy.ovh
pixel.onaudience.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loada.exelator.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    54.224.68.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-68-42.compute-1.amazonaws.com
rtb.gumgum.com
Apex Domain
Subdomains		 Transfer
101 googlesyndication.com
ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
593 KB
94 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
bid.g.doubleclick.net
ad.doubleclick.net
430 KB
51 adsafeprotected.com
fw.adsafeprotected.com
pixel.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
392 KB
39 pubmatic.com
openbid.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
ads.pubmatic.com
image8.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
37 KB
35 unrulymedia.com
video.unrulymedia.com
rx-stats3.unrulymedia.com
usermatch.targeting.unrulymedia.com
sync.targeting.unrulymedia.com
40 KB
31 2mdn.net
s0.2mdn.net
gcdn.2mdn.net
r3---sn-aigl6ner.c.2mdn.net
4 MB
23 grid.id
nationalgeographic.grid.id
asset-a.grid.id
343 KB
21 casalemedia.com
ssum-sec.casalemedia.com
htlb.casalemedia.com
dsum-sec.casalemedia.com
22 KB
20 1rx.io
sync.1rx.io
6 KB
19 googletagservices.com
www.googletagservices.com
487 KB
17 adnxs.com
r2b2-emea.adnxs.com
secure.adnxs.com
ib.adnxs.com
28 KB
14 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel-eu.rubiconproject.com
34 KB
13 smartadserver.com
prg.smartadserver.com
prg8.smartadserver.com
ssbsync.smartadserver.com
eqx.smartadserver.com
www9.smartadserver.com
15 KB
12 google.com
accounts.google.com
analytics.google.com
www.google.com
adservice.google.com
76 KB
11 adrta.com
q.adrta.com
pix.adrta.com
ipv6.adrta.com
adrta.com
27 KB
11 gstatic.com
www.gstatic.com
csi.gstatic.com
fonts.gstatic.com
122 KB
10 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
imasdk.googleapis.com
217 KB
9 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
6 KB
9 adsrvr.org
match.adsrvr.org
3 KB
7 adform.net
c1.adform.net
4 KB
7 sitescout.com
node-uk-aesei4.sitescout.com
node-uk-raap3o.sitescout.com
pixel-sync.sitescout.com
1 KB
7 jixie.io
scripts.jixie.io
trabd.jixie.io
traid.jixie.io
hb.jixie.io
12 KB
6 basis.net
cdn01.basis.net
7 KB
6 criteo.com
bidder.criteo.com
gum.criteo.com
mug.criteo.com
dis.criteo.com
7 KB
6 bidswitch.net
x.bidswitch.net
3 KB
6 teads.tv
a.teads.tv
s8t.teads.tv
sync.teads.tv
t.teads.tv
133 KB
5 3lift.com
tlx.3lift.com
eb2.3lift.com
2 KB
5 spotxchange.com
search.spotxchange.com
6 KB
5 everesttech.net
sync-tm.everesttech.net
pixel.everesttech.net
1 KB
5 mathtag.com
sync.mathtag.com
3 KB
4 sascdn.com
ced-ns.sascdn.com
apps.sascdn.com
23 KB
4 openx.net
kompascybermedia-d.openx.net
rtb.openx.net
u.openx.net
933 B
4 quantserve.com
cms.quantserve.com
pixel.quantserve.com
2 KB
4 bidr.io
match.prod.bidr.io
2 KB
4 google.co.uk
www.google.co.uk
adservice.google.co.uk
1 KB
4 scorecardresearch.com
sb.scorecardresearch.com
1 KB
4 criteo.net
static.criteo.net
82 KB
4 kompas.com
stgrid.kompas.com
asset.kompas.com
apis.kompas.com
8 KB
3 advertising.com
pixel.advertising.com
1 KB
3 de17a.com
d5p.de17a.com
1016 B
3 appier.net
ad2.apx.appier.net
gocm.c.appier.net
741 B
3 googletagmanager.com
www.googletagmanager.com
188 KB
3 r2b2.io
delivery.r2b2.io
log.r2b2.io
79 KB
2 exelator.com
loada.exelator.com
2 KB
2 onaudience.com
pixel.onaudience.com
736 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 taboola.com
trc.taboola.com
match.taboola.com
656 B
2 simpli.fi
um.simpli.fi
1 KB
2 lijit.com
ap.lijit.com
1 KB
2 jsdelivr.net
cdn.jsdelivr.net
18 KB
2 eqads.com
um2.eqads.com
563 B
2 adgrx.com
cm.adgrx.com
816 B
2 amazon-adsystem.com
s.amazon-adsystem.com
1 KB
2 innity.com
as.innity.com
3 KB
2 stackadapt.com
sync.srv.stackadapt.com
900 B
2 loopme.me
csync.loopme.me
431 B
2 cloudfront.net
d31qbv1cthcecs.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
15 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 ivideosmart.com
player.ivideosmart.com
72 KB
1 gumgum.com
rtb.gumgum.com
238 B
1 playground.xyz
ads.playground.xyz
465 B
1 bidtheatre.com
match.adsby.bidtheatre.com
534 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 turn.com
ad.turn.com
518 B
1 rfihub.com
p.rfihub.com
783 B
1 deepintent.com
match.deepintent.com
44 B
1 iprom.net
core.iprom.net
281 B
1 ad4m.at
ad4m.at
915 B
1 erne.co
green.erne.co
325 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 smaato.net
s.ad.smaato.net
443 B
1 advangelists.com
nep.advangelists.com
233 B
1 contextweb.com
bh.contextweb.com
392 B
1 ctnsnet.com
cm.ctnsnet.com
423 B
1 clientgear.com
event.clientgear.com
261 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 alexametrics.com
certify.alexametrics.com
550 B
1 jquery.com
code.jquery.com
33 KB
1 gridtechno.com
ads.gridtechno.com
88 KB
1 nationalgeographic.co.id
nationalgeographic.co.id
212 B
0 netmng.com Failed
google2waycm.netmng.com Failed
0 atdmt.com Failed
ad.atdmt.com Failed
552 82
Domain Requested by
55 pagead2.googlesyndication.com securepubads.g.doubleclick.net
ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
ad.doubleclick.net
www.googletagservices.com
s0.2mdn.net
55 cm.g.doubleclick.net 20 redirects googleads.g.doubleclick.net
ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
39 tpc.googlesyndication.com securepubads.g.doubleclick.net
ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
nationalgeographic.grid.id
ad.doubleclick.net
s0.2mdn.net
37 dt.adsafeprotected.com ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
28 s0.2mdn.net ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
nationalgeographic.grid.id
s0.2mdn.net
22 asset-a.grid.id nationalgeographic.grid.id
20 sync.1rx.io 19 redirects video.unrulymedia.com
19 www.googletagservices.com securepubads.g.doubleclick.net
ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
ced-ns.sascdn.com
www.googletagservices.com
fw.adsafeprotected.com
ad.doubleclick.net
s0.2mdn.net
16 dsum-sec.casalemedia.com 5 redirects ssum-sec.casalemedia.com
um2.eqads.com
googleads.g.doubleclick.net
13 simage2.pubmatic.com ads.pubmatic.com
13 sync.targeting.unrulymedia.com 1 redirects video.unrulymedia.com
ssum-sec.casalemedia.com
13 usermatch.targeting.unrulymedia.com 12 redirects video.unrulymedia.com
12 googleads4.g.doubleclick.net googleads.g.doubleclick.net
nationalgeographic.grid.id
ad.doubleclick.net
11 securepubads.g.doubleclick.net 1 redirects nationalgeographic.grid.id
securepubads.g.doubleclick.net
ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
www.googletagservices.com
10 ib.adnxs.com 5 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
9 match.adsrvr.org 4 redirects ssum-sec.casalemedia.com
ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
8 googleads.g.doubleclick.net ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
nationalgeographic.grid.id
7 image2.pubmatic.com 2 redirects ads.pubmatic.com
7 c1.adform.net 6 redirects ads.pubmatic.com
7 ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7 fonts.googleapis.com nationalgeographic.grid.id
client
ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
s0.2mdn.net
6 cdn01.basis.net ced-ns.sascdn.com
nationalgeographic.grid.id
cdn01.basis.net
6 static.adsafeprotected.com ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
pixel.adsafeprotected.com
6 eus.rubiconproject.com video.unrulymedia.com
eus.rubiconproject.com
nationalgeographic.grid.id
6 x.bidswitch.net 6 redirects
6 www.google.com nationalgeographic.grid.id
ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
tpc.googlesyndication.com
6 video.unrulymedia.com nationalgeographic.grid.id
video.unrulymedia.com
ajax.googleapis.com
5 pixel-sync.sitescout.com 1 redirects ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
nationalgeographic.grid.id
5 ups.analytics.yahoo.com 5 redirects
5 search.spotxchange.com ads.gridtechno.com
5 prg8.smartadserver.com ads.gridtechno.com
5 sync.mathtag.com 5 redirects
5 r2b2-emea.adnxs.com delivery.r2b2.io
5 openbid.pubmatic.com delivery.r2b2.io
5 www.gstatic.com nationalgeographic.grid.id
ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
4 ad.doubleclick.net www.googletagservices.com
4 image6.pubmatic.com 3 redirects ads.pubmatic.com
4 eb2.3lift.com 4 redirects
4 q.adrta.com ced-ns.sascdn.com
q.adrta.com
4 ssbsync.smartadserver.com ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
4 fonts.gstatic.com fonts.googleapis.com
4 pixel.adsafeprotected.com ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
4 fw.adsafeprotected.com 2 redirects ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
4 match.prod.bidr.io 2 redirects video.unrulymedia.com
ads.pubmatic.com
4 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
4 sync-tm.everesttech.net 4 redirects
4 sb.scorecardresearch.com 2 redirects nationalgeographic.grid.id
4 static.criteo.net delivery.r2b2.io
ads.gridtechno.com
static.criteo.net
3 image8.pubmatic.com 2 redirects
3 adrta.com pix.adrta.com
3 ads.pubmatic.com delivery.r2b2.io
ads.pubmatic.com
3 pixel.advertising.com 3 redirects
3 d5p.de17a.com 3 redirects
3 token.rubiconproject.com eus.rubiconproject.com
3 cms.quantserve.com 3 redirects
3 ssum-sec.casalemedia.com 1 redirects video.unrulymedia.com
ssum-sec.casalemedia.com
3 secure-assets.rubiconproject.com 3 redirects
3 www.google.co.uk nationalgeographic.grid.id
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 traid.jixie.io scripts.jixie.io
3 accounts.google.com asset-a.grid.id
3 rx-stats3.unrulymedia.com nationalgeographic.grid.id
3 www.googletagmanager.com nationalgeographic.grid.id
www.googletagmanager.com
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 ipv6.adrta.com pix.adrta.com
2 pix.adrta.com q.adrta.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 ap.lijit.com 2 redirects
2 r3---sn-aigl6ner.c.2mdn.net ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
2 eqx.smartadserver.com ced-ns.sascdn.com
2 apps.sascdn.com ced-ns.sascdn.com
2 rtb.openx.net ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
2 csi.gstatic.com imasdk.googleapis.com
2 ced-ns.sascdn.com nationalgeographic.grid.id
2 imasdk.googleapis.com ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
2 gum.criteo.com 1 redirects nationalgeographic.grid.id
2 log.r2b2.io delivery.r2b2.io
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 cm.adgrx.com ssum-sec.casalemedia.com
ads.pubmatic.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 ad2.apx.appier.net 1 redirects nationalgeographic.grid.id
2 as.innity.com ads.gridtechno.com
2 htlb.casalemedia.com ads.gridtechno.com
2 bidder.criteo.com ads.gridtechno.com
2 sync.srv.stackadapt.com 2 redirects
2 secure.adnxs.com 2 redirects
2 csync.loopme.me 2 redirects
2 t.teads.tv nationalgeographic.grid.id
2 analytics.google.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
nationalgeographic.grid.id
2 trabd.jixie.io scripts.jixie.io
2 asset.kompas.com nationalgeographic.grid.id
2 player.ivideosmart.com nationalgeographic.grid.id
player.ivideosmart.com
2 a.teads.tv nationalgeographic.grid.id
ads.gridtechno.com
1 simage4.pubmatic.com ads.pubmatic.com
1 rtb.gumgum.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 p.rfihub.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ad4m.at ads.pubmatic.com
1 green.erne.co 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com 1 redirects
1 u.openx.net
1 www9.smartadserver.com
1 pixel.everesttech.net 1 redirects
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 node-uk-raap3o.sitescout.com ced-ns.sascdn.com
1 gcdn.2mdn.net 1 redirects
1 node-uk-aesei4.sitescout.com ced-ns.sascdn.com
1 s.ad.smaato.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 mug.criteo.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.co.uk securepubads.g.doubleclick.net
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 nep.advangelists.com 1 redirects
1 hbopenbid.pubmatic.com ads.gridtechno.com
1 gocm.c.appier.net 1 redirects
1 tlx.3lift.com ads.gridtechno.com
1 hb.jixie.io ads.gridtechno.com
1 kompascybermedia-d.openx.net ads.gridtechno.com
1 bh.contextweb.com 1 redirects
1 cm.ctnsnet.com 1 redirects
1 event.clientgear.com 1 redirects
1 sync.teads.tv s8t.teads.tv
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com nationalgeographic.grid.id
1 certify.alexametrics.com nationalgeographic.grid.id
1 apis.kompas.com asset.kompas.com
1 s8t.teads.tv a.teads.tv
1 d2wy8f7a9ursnm.cloudfront.net player.ivideosmart.com
1 d31qbv1cthcecs.cloudfront.net nationalgeographic.grid.id
1 prg.smartadserver.com delivery.r2b2.io
1 ajax.googleapis.com video.unrulymedia.com
1 stgrid.kompas.com nationalgeographic.grid.id
1 code.jquery.com nationalgeographic.grid.id
1 ads.gridtechno.com nationalgeographic.grid.id
1 delivery.r2b2.io nationalgeographic.grid.id
1 scripts.jixie.io nationalgeographic.grid.id
1 nationalgeographic.grid.id
1 nationalgeographic.co.id 1 redirects
0 google2waycm.netmng.com Failed ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
0 ad.atdmt.com Failed ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
552 155
Subject Issuer Validity Valid
*.grid.id
Sectigo RSA Domain Validation Secure Server CA		 2020-12-31 -
2021-12-31		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
scripts.jixie.io
Encryption Everywhere DV TLS CA - G1		 2021-08-05 -
2022-08-05		 a year crt.sh
1838731126.rsc.cdn77.org
R3		 2021-11-03 -
2022-02-01		 3 months crt.sh
*.gridtechno.com
Amazon		 2021-09-12 -
2022-10-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
teads.tv
R3		 2021-11-03 -
2022-02-01		 3 months crt.sh
*.unrulymedia.com
Go Daddy Secure Certificate Authority - G2		 2021-11-17 -
2022-11-17		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
kompas.com
Amazon		 2021-05-03 -
2022-06-01		 a year crt.sh
player-objects.ivideosmart.com
R3		 2021-10-29 -
2022-01-27		 3 months crt.sh
trabd.jixie.io
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-09-10 -
2022-03-09		 6 months crt.sh
accounts.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
traid.jixie.io
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-11-18 -
2022-05-17		 6 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2021-10-13 -
2022-11-11		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
hb.jixie.io
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-06-17 -
2021-12-16		 6 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-09 -
2022-11-11		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.r2b2.io
AlpiroSSL ECC DV CA		 2021-10-19 -
2022-11-18		 a year crt.sh
*.google.co.uk
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2021-09-13 -
2022-09-13		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-11-19 -
2022-12-18		 a year crt.sh
*.adrta.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-10 -
2022-06-10		 a year crt.sh
cdn01.basis.net
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-06-14 -
2022-06-14		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2021-11-09 -
2022-01-18		 2 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.iprom.net
R3		 2021-10-04 -
2022-01-02		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.gumgum.com
Amazon		 2021-10-15 -
2022-11-12		 a year crt.sh

This page contains 86 frames:

Primary Page: https://nationalgeographic.grid.id/
Frame ID: 10F9B79F48C043FE63E74BC9C74133F0
Requests: 131 HTTP requests in this frame

Frame: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Frame ID: CF850DA5D6C04CE72011AB2C2E5212FF
Requests: 5 HTTP requests in this frame

Frame: https://video.unrulymedia.com/iframes/third-party-iframes.html?clientver=v1.0.1737-0-gf2d7995&siteId=1082369
Frame ID: F7849052D4B091A56E6325A4AF4B32E8
Requests: 5 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: 2FEE1E6554ECB7613B36DE6944FAB3C0
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003
Frame ID: 7505AFE4871A2B16437DCEA435A75FDD
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
Frame ID: 598886B5CCCF786A3F6845AB869B1F84
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003
Frame ID: 9CEDDB575DBFA5592C8B65B2EF80FF15
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-e6decb3f-9be4-4dc6-a217-be8c7587bbd1-003
Frame ID: 0B149DB5F2CA2FBD0B02D77B221B8A12
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-e3f8deb6-7cdb-4c9f-a64e-093f21b90213-003
Frame ID: FE586ED447378F095023C17C50B7AA37
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
Frame ID: A8509DD02E0A6B8C4C2146A5AD99FAF0
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-e6decb3f-9be4-4dc6-a217-be8c7587bbd1-003
Frame ID: C8F03DA5AC369AD3823DC9385D362334
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east&siteId=1082369
Frame ID: 365E9D5D7B1C1DDBAA0FDED5567918BF
Requests: 4 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
Frame ID: 010130F84C552CA30538743745DF3EFB
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
Frame ID: A78BAB77F4F0F04216BB52F779CD8C2B
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
Frame ID: AA1D927EF57442595507326BDD39A36F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=1082369&C=1
Frame ID: DECC238C332C85158C83B345480F7FAE
Requests: 9 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/unr?siteId=1082369&_bee_ppp=1
Frame ID: BC96E6FA4B9AB65D4CCAF5E9BC4A4DD8
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 3964DEF1972DE122833D1CC7FC9257EC
Requests: 2 HTTP requests in this frame

Frame: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 69ED6A0B3FDF7379C5C55FC724B073CD
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nationalgeographic.grid.id
Frame ID: 004B23A7496F11D1C4D02EE16CA352FD
Requests: 2 HTTP requests in this frame

Frame: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D94D107EAAA0AE2119C37E76B4BED113
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWdG5ExILym-G2BLegQUG-ZBTQauw8eaW6Is-gudA73yG4_o-DLV_pzgadxwmGMi5Ct-nvrgvrpTUmNC_2NMsFDAJYklQQNXQQl7i7wYYcxHJNBcemZoMpHnsWiL607RI8e4n1IimRpXneAXq4Uv-2jhXPUaHI-EriGElmhXnfJp3o55HruIT7USSP_fLEzpKox4SDe4x2ntY5VIooVxGWPGpo5yZQjMWHMZvaNvqqS-YKytJ73X9azMDaX3os0H65AdLfcRNzWtHQeTrNtPd71EwkmzHXQsF0C2E-ENDdMk4A-O95xMFcDbltXtIguqeQ2kPcqV8QmwCcpnAVMw&sig=Cg0ArKJSzBrHVmjW0OA7EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7A84517610F40BDF97E7DF7D4DA70209
Requests: 8 HTTP requests in this frame

Frame: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 33CAA0ED7E0BC1B60F75CE05FEBD8A53
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdaXrHvNBCzjzGYIUQfoDE3_RGkpH-ZKSd588mhx8MeL8o8kdXqQPw-S14cOQSBwuri1ylEbgMKT4vxDsJZj6OXFVe8YO11Bkg2d_NvEDOFZDEjXTQ9W06KIJXc0HHMdiXkbRs-PP_g9nwtvmTch-fDLmc8_i8Ork2H_nXj5tVJWlMaogmf_zBYzROFwz_AYJFPFggobwv0GyOhvkyWxpnfCXGYVO9oO4jKD_kUVgUgAU7mnSjZpLI6LeLlIS5_zYdJyY8LewO-a0hZ69TjgmKRO8J4bRHYLE6v-boYa2KKMDYf2PNRPaz2zbf4C2pG80wBvcOvxnKHvXPgxz8hg&sig=Cg0ArKJSzIGUZUtdLyjVEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6EEBAE72EF095418A3CB16270E59249E
Requests: 6 HTTP requests in this frame

Frame: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A363AAFE6DBAA6339C7BF6A4F5BB317F
Requests: 44 HTTP requests in this frame

Frame: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1878C81FF92204251DF20DB7FD35EC23
Requests: 42 HTTP requests in this frame

Frame: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F2A5055E4D61E5C2029200C80C65442E
Requests: 16 HTTP requests in this frame

Frame: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7CA19236B8DF4A24A379BD9EB4143D98
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: 6A55D21F4B628B6164E40B2B0132900E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ1JWwgwIYt5XwvAEwAQ&v=APEucNWiwde4AeLySuUbIyR8cJ2qwVofZHICfyU9KxBa12VW1Thp290dhz-JWdOM427CzrgIqizMxCUvYGf8Hsq5WDT9T-qDZPuzjmfAKNWbBCH9yLRU3zy5kJT49jyvcCVJdZd6l6oKtzSNmMupA9cOq_Df10lZ21idejYOXC0_iL20uf_2n2A
Frame ID: 60A3D65DC11F92E39243172EDA67166D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDekesBGPqgy7cBMAE&v=APEucNUKZDDcBo1pmGKb2jEkVAGmM-7L4BrGwzrReQ7rQh6WG_UlDY1qmH7ehminaTBMOnA1yeUtgHvAJVdWox97nwAA3v15c3v33KTfDh4_FY9e-DtNHoXxDvB7f6Dn7043G89Arm5pVfsuw2BtA_YPz7owsFogkSsrqmzikjNEU1_DEBta2BQ
Frame ID: B1C3C077014520A0F8B45B9829638B6F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDekesBGOjPyrcBMAE&v=APEucNUwN14GklNJykUrsEGWfl1FJXaeaCpszCcQ6cJx-ivx0RNK8NZy9mmT4DfCpGTl1h3zU9O2_r_WRHTuv0OjZFlllSD_ALww6ojvBVEi7N4oZjFSsiuDwyQj8GCsxzxJpVSrQM2LbCQ5oklNawO1Ho7uXgdNnB_tF8_Zn5J-rWjvGJNIMX0
Frame ID: 581969D7C7BABBBADE83E3490C96DE01
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY_ufptwEwAQ&v=APEucNXupUaxnwGd6-pnDZ_aMgfTBEs2ueCGw3DtBK6-prwK0wDbwPiqHQ11g_FbY-hxEU4AhKCgEkx5z_W-DoZYKQGgiXXxAIeybHhnSBv8DVBwglpUm4U2ds3vODp3WF5wjSsucML7HL2R9383CJbfqATDxfMO3ABGVNcKBh9JzPVSAdDT25g
Frame ID: DA22C30D999DBA14DAB22F74C5877BAC
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3A8889F3E6E6DE06ACE3D761D951C339
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 3544D214E6F26FFF4337828BFE54B72B
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 9BAECC350676055124BEC5AA5C29D792
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B2C13F6FBCBEB8E9D45D06667A69D064
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EC7A3C369CDDE1D4CB7D7E53A122BC4B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3B7D8BFA5A524E3728FD89573897B79B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C7C3C5A7F5351BEE21A818B728C08DA3
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 36F9492E56CF62A43788D8D94C6F2BFB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 97BFABC130377F02CA37959F1EBB77E5
Requests: 3 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22251183134380490846%22%2c%22adomain%22%3a%22palantir.com%22%2c%22page%22%3a%221293733%22%2c%22format%22%3a%2293800%22%2c%22crid%22%3a%225473103%22%2c%22dsp%22%3a%2268%22%2c%22buyer%22%3a%228180%22%2c%22cid%22%3a%221895699%22%2c%22adid%22%3a%22%22%2c%22hash%22%3a%22-5702588174819441323%22%7d
Frame ID: 0B95BF11803E593348D07F956833A92F
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: C0889CBD6A8E5AC59354402ABEEBB914
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2890CA5EF5F6AE3880B44A5E9AD82E12
Requests: 9 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22239924135312065920%22%2c%22adomain%22%3a%22palantir.com%22%2c%22page%22%3a%221293733%22%2c%22format%22%3a%2293799%22%2c%22crid%22%3a%225525409%22%2c%22dsp%22%3a%2268%22%2c%22buyer%22%3a%228180%22%2c%22cid%22%3a%221895699%22%2c%22adid%22%3a%22%22%2c%22hash%22%3a%22-7471361953007977148%22%7d
Frame ID: A324435DEE5A698F32DBA78F2DE48316
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: 306D837C0A0AB03B32739F65ABDE8D87
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E76705310FD5F40CC01909C6C6164CB7
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 22271F8B78E0463C0696F0A2C40E5373
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9087095035043774464/cbv_master_d2c_tacticle_html5_xc40_bev_html5_banners_970x250_uk/index.html
Frame ID: 90F380635EB0DE034B07BD0FB3187B42
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 02867A8674FF5F03DE0E14A627A9D3A3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 0A2273F2FAE3E61A2D1668640266894D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6DFD9604092FB1E6F6D3DA5E605B066A
Requests: 9 HTTP requests in this frame

Frame: https://pixel-sync.sitescout.com/dmp/asyncPixelSync?nid=64&wb=1&hdid=0&gdpr=1
Frame ID: E79CD407A30979AA410CCC7F3D1F1D4E
Requests: 1 HTTP requests in this frame

Frame: https://pixel-sync.sitescout.com/dmp/asyncPixelSync?nid=64&wb=1&hdid=0&gdpr=1
Frame ID: FF2AEC09A315A047F49BC0A5BA5A110C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BDCB81A993D7332E3556DA8CBE17C728
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61926762/20211005053703330/ADVERT%202_MSC_DigitalAd_DownloadABrochure_skyscraper_120x600/index.html?e=69&leftOffset=0&topOffset=0&c=Ojza5ph9n4&t=1&renderingType=2
Frame ID: 733EB07B699E02A8E1370595F83362C6
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/index.html
Frame ID: 7BE8C2196C37445CF8830C8BDE3A5FED
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 368A6C194AAB9F0518C639920E9F73FE
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61908895/20211004062523303/ADVERT%203_MSC_DigitalAd_DownloadABrochure_skyscraper_120x600/index.html?e=69&leftOffset=0&topOffset=0&c=cpwSHRh1bb&t=1&renderingType=2
Frame ID: E97F146A9E64CD52D57C54A085404B2A
Requests: 7 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: EF711EE2DE3AEDD59CE764020FB69353
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D7848F747CF536C630BE26678DBB46AA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 446CCC8F89F3A1835C80AE02557EF458
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FC7AE6571129C0F05CF37DA740E8A796
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 38E6250F2CF7F35161655321362D787A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0C71DE74E6D06BC0CEAE9AA508DC5427
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FDBF7D8814B0E0EB2DD22F695A378F16
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Frame ID: 08E6C4325D294DC7D5AD5477072465B7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Frame ID: 281E7574033742FAFAD9C32430E337C2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Frame ID: CDDEAF1692EC0A47A8645BB3E412A4D4
Requests: 21 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=1674DB44-51B5-40B5-ADB5-298DA410B8B2
Frame ID: 3FBB520ACD124867427E3937BF7D7A0C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4346793115810061751
Frame ID: 2A344530104F6BF45A0203052AD40A7C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 1089F8AECED0CBAF3D25CC58221A362B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7042181034545707158
Frame ID: B495D5D0192A8F30645112D3786AAC72
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbraUQAMUrEKcABR&gdpr=0&gdpr_consent=
Frame ID: D57E1AFCE3E68B519976C8A14B4D6311
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 177EC58BB24C3FEC7C6FFD28D67D19DE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 745DC0308E974BD442828F0CEF473600
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xTK2X_59TvxKS8CzJN1xSVnujtY
Frame ID: CD93C5F83091DE314EEC4C2C2CFF9A5F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003
Frame ID: F8F2A08A467C740268D970F3136092C0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=y2eyBciv6Ua44GKnm1vvX_Xb
Frame ID: 3CC805643B1634D51C7D647524A51F5C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: BE88EB6F1C077B746ACD6AE1ED290AB1
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 1ECFD6C818328EAD33579AC82EB1FB87
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: E0EE67A28CE002D806FD2BB49F035F5F
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8293686b-9802-4147-88ea-c5c74bc8bc44-tuct8b45fd7&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: EE9AEEBF5A1E68B278F891C33BE998CE
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 49A8A33735D7511DC9179EE3788905B1
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 730E2224D6EC4FF5C820E074A1334A8E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

National Geographic Indonesia

Page URL History Show full URLs

  1. http://nationalgeographic.co.id/ HTTP 301
    https://nationalgeographic.grid.id/ Page URL

Page Statistics

552
Requests

85 %
HTTPS

30 %
IPv6

82
Domains

155
Subdomains

111
IPs

17
Countries

7724 kB
Transfer

15082 kB
Size

111
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nationalgeographic.co.id/ HTTP 301
    https://nationalgeographic.grid.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70
  • https://sb.scorecardresearch.com/b?c1=2&c2=8077308&ns__t=1639635536800&ns_c=UTF-8&c8=National%20Geographic%20Indonesia&c7=https%3A%2F%2Fnationalgeographic.grid.id%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=8077308&ns__t=1639635536800&ns_c=UTF-8&c8=National%20Geographic%20Indonesia&c7=https%3A%2F%2Fnationalgeographic.grid.id%2F&c9=
Request Chain 97
  • https://x.bidswitch.net/sync?ssp=unrulyx&siteId=1082369 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=unrulyx&siteId=1082369 HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=unrulyx&bsw_custom_parameter=79fba116-33cd-498d-8801-7d13cb7e5d83 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk281ee156-c7f2-42d7-8fa2-08e622c08a03&expires=7&user_group=5&ssp=unrulyx&bsw_param=79fba116-33cd-498d-8801-7d13cb7e5d83 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/79fba116-33cd-498d-8801-7d13cb7e5d83?gdpr=&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/79fba116-33cd-498d-8801-7d13cb7e5d83?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003
Request Chain 98
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Floopme%2F%7Bdevice_id%7D&siteId=1082369 HTTP 307
  • https://usermatch.targeting.unrulymedia.com/usermatch/loopme/1297cd00-9f9f-4d81-b87f-7e44e20ea8bb?siteId=1082369 HTTP 302
  • https://sync.1rx.io/usersync/loopme/1297cd00-9f9f-4d81-b87f-7e44e20ea8bb?siteId=1082369 HTTP 302
  • https://sync.1rx.io/usersync/loopme/1297cd00-9f9f-4d81-b87f-7e44e20ea8bb?zcc=1&dspret=0&cb=1639635537366 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
Request Chain 99
  • https://cm.ctnsnet.com/int/cm?exc=23&redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcrimtan%2F%5Buser_id%5D&siteId=1082369 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/crimtan/ff925d1dc5ff493ca6f3bcbe6c902b97 HTTP 302
  • https://sync.1rx.io/usersync/crimtan/ff925d1dc5ff493ca6f3bcbe6c902b97 HTTP 302
  • https://sync.1rx.io/usersync/crimtan/ff925d1dc5ff493ca6f3bcbe6c902b97?zcc=1&dspret=0&cb=1639635537652 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003
Request Chain 100
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fappnexus%2F%24UID HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/appnexus/4113036491349184853 HTTP 302
  • https://sync.1rx.io/usersync/appnexus/4113036491349184853 HTTP 302
  • https://sync.1rx.io/usersync/appnexus/4113036491349184853?zcc=1&dspret=0&cb=1639635537333 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e6decb3f-9be4-4dc6-a217-be8c7587bbd1-003
Request Chain 101
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fmediamath%2F%5BMM_UUID%5D&siteId=1082369 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/mediamath/8b9961ba-da51-4200-bbc2-6ac8666197be HTTP 302
  • https://sync.1rx.io/usersync/mediamathtest/8b9961ba-da51-4200-bbc2-6ac8666197be HTTP 302
  • https://sync.1rx.io/usersync/mediamathtest/8b9961ba-da51-4200-bbc2-6ac8666197be?zcc=1&dspret=0&cb=1639635537339 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e3f8deb6-7cdb-4c9f-a64e-093f21b90213-003
Request Chain 102
  • https://sync-tm.everesttech.net/upi/pid/1cMuUcwh?redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fadobe%2F%24%7BTM_USER_ID%7D%3F&siteId=1082369 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/1cMuUcwh?redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fadobe%2F%24%7BTM_USER_ID%7D%3F&siteId=1082369&_test=YbraUQAMUrEKcABR HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/adobe/YbraUQAMUrEKcABR?&siteId=1082369&_test=YbraUQAMUrEKcABR HTTP 302
  • https://sync.1rx.io/usersync/adobe/YbraUQAMUrEKcABR?&siteId=1082369&_test=YbraUQAMUrEKcABR HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
Request Chain 103
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=unruly&ttd_tpi=1&siteId=1082369 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=unruly&ttd_tpi=1&siteId=1082369 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/tradedesk/d65b1dce-9306-45da-b9ff-f23cc479c3b4 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/d65b1dce-9306-45da-b9ff-f23cc479c3b4 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/d65b1dce-9306-45da-b9ff-f23cc479c3b4?zcc=1&dspret=0&cb=1639635537332 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e6decb3f-9be4-4dc6-a217-be8c7587bbd1-003
Request Chain 104
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=unruly&endpoint=us-east&siteId=1082369 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east&siteId=1082369
Request Chain 105
  • https://sync.srv.stackadapt.com/sync?nid=41&siteId=1082369 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/stackadapt/xTK2X_59TvxKS8CzJN1xSVnujtY HTTP 302
  • https://sync.1rx.io/usersync/stackadapt/xTK2X_59TvxKS8CzJN1xSVnujtY HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
Request Chain 106
  • https://pr-bh.ybp.yahoo.com/sync/unruly/?siteId=1082369 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-tY264xxE2oVqFarj0xRRnuD_GjRY.DNvq9Be~A HTTP 302
  • https://sync.1rx.io/usersync/verizon/y-tY264xxE2oVqFarj0xRRnuD_GjRY.DNvq9Be~A HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
Request Chain 107
  • https://bh.contextweb.com/bh/rtset?pid=560138&ev=1&daaqp=1&rurl=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fpulsepoint%2F%25%25VGUID%25%25&siteId=1082369 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/pulsepoint/gAFJY1UggA8m HTTP 302
  • https://sync.1rx.io/usersync/pulse/gAFJY1UggA8m HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
Request Chain 108
  • https://ssum-sec.casalemedia.com/usermatch?s=182257&cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&siteId=1082369 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=1082369&C=1
Request Chain 109
  • https://match.prod.bidr.io/cookie-sync/unr?siteId=1082369 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/unr?siteId=1082369&_bee_ppp=1
Request Chain 110
  • https://cms.quantserve.com/pixel/p-QcHdy7VcGLKJK.gif?idmatch=0&siteId=1082369 HTTP 302
  • https://sync.1rx.io/usersync/quantcast/efqg1Cuq94Ri-KaDef_v1H6op4di_frULfpdK22I?gdpr=1
Request Chain 111
  • https://cm.g.doubleclick.net/pixel?google_nid=unruly_dbm&google_cm&google_sc&siteId=1082369 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unruly_dbm&google_cm=&google_sc=&siteId=1082369&google_tc= HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/google/CAESEDhnP550wtFM3-zODQst68g?siteId=1082369&google_cver=1 HTTP 302
  • https://sync.1rx.io/usersync/google/CAESEDhnP550wtFM3-zODQst68g?siteId=1082369&google_cver=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
Request Chain 132
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=QOtVAaePDl2K6bXhUtq6YQ
Request Chain 136
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YbraUc4Zw_BxkkkwsWXfVgAAAVQAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBPxxLFGj_256tliSelQ1Vw&google_cver=1
Request Chain 137
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YbraUc4Zw-BxkkkwsWXfVgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1&gdpr=1
Request Chain 138
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbraUc4Zw_BxkkkwsWXfVgAAAVQAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbraUc4Zw_BxkkkwsWXfVgAAAVQAAAAB&dcc=t
Request Chain 141
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-249f7be6-a92d-40db-bf34-11f5d5722f5c
Request Chain 143
  • https://usermatch.targeting.unrulymedia.com/usermatch/casale/YbraUc4Zw-BxkkkwsWXfVgAA%26340 HTTP 302
  • https://sync.1rx.io/usersync/index/YbraUc4Zw-BxkkkwsWXfVgAA&340 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
Request Chain 144
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 160
  • https://sb.scorecardresearch.com/c2/8077308/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 175
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkfk1FFiS5h4Q5nNHTQBcwKc4NLKSXwMqtrWDySCUNtnnMh7dZcy3ApLx9snZb8NJTFtdyHQ6RlRUPqAUtzX8GOEb3x2rdekb9b3T7wBVcUC-QB-0E-VPbp3gcQLoNMbqYSBjWuA7Dv6YHZiySevK8Yh5Xctl1snrKlbBdHwDAQXZag052bG6gLghx3DpzCS19pmP_Tv2C6WIQ4Jw3wTjdvZ4_DLGRZ-nEqW2CaFo0M2E3evKSvdrP5NmXQekASh3jRRk8R8U7JNiD8ED_pjqx24QT2zWYUbRalGcOxCTFE0G5XDVCHsIJxJUghPrOnKvnuaIepjNz3O_8Uzs&sig=Cg0ArKJSzB3Czqz1Bf2ZEAE&uach_m=[UACH]&urlfix=1&adurl=https://asset-a.grid.id/ads/pixel.png HTTP 302
  • https://asset-a.grid.id/ads/pixel.png
Request Chain 184
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=grid.id&sn=ChromeSyncframe&so=0&topUrl=nationalgeographic.grid.id&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=RAnFaXxaTXNrTHp1TGhINFNlblkyRkdHTU9JY2NBNFF4S3hwekNyVXVMd2VDeVplL1NFUmM5Mng0L3l1YUE2azBGeXhic3VaSTloK0hnWkxwd0syanQ0VHlLajloRmFxL1JVQmhXMXNBNlJ0dFdsVHRJWTIwbGV0UjhibHlEQkRKa3ZER0dWa280dTRkVURZUUhTTXJUUlRydkZ1bFdzLzlSeFRubG41dE5HVUp0U0MrSm5oblRzUWVnbGJGcHJtN1VlbEJHalpPeU5aUERuTk1YNTQvN2dqYk1jeDY5cVNkVUpxRnBSRktFSkNHZC9rVW9BSHlZZlF0UDlrRFhFTUZicEN6b0FzRXp3U01zR3pCZjAxT1ZEclBhQT09fA&cppv=2
Request Chain 227
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Request Chain 230
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Request Chain 241
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
Request Chain 242
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbraUc4Zw-BxkkkwsWXfVgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
Request Chain 243
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKUl-k9yswifyeq4d0dqUUg&google_cver=1
Request Chain 244
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDExMzAzNjQ5MTM0OTE4NDg1Mw%3D%3D
Request Chain 245
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
Request Chain 246
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbraUc4Zw-BxkkkwsWXfVgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
Request Chain 247
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKUl-k9yswifyeq4d0dqUUg&google_cver=1
Request Chain 248
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDExMzAzNjQ5MTM0OTE4NDg1Mw%3D%3D
Request Chain 249
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
Request Chain 250
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbraUc4Zw-BxkkkwsWXfVgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
Request Chain 251
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKUl-k9yswifyeq4d0dqUUg&google_cver=1
Request Chain 252
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDExMzAzNjQ5MTM0OTE4NDg1Mw%3D%3D
Request Chain 266
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
Request Chain 267
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbraUc4Zw-BxkkkwsWXfVgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
Request Chain 268
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKUl-k9yswifyeq4d0dqUUg&google_cver=1
Request Chain 269
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDExMzAzNjQ5MTM0OTE4NDg1Mw%3D%3D
Request Chain 277
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/847999/57777490/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fnationalgeographic.grid.id%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:21cb7ad4-e139-178b-bb70-42f64639faa3,c:wWcQHx,sl:outOfView,em:true,fr:false,thd:1,mn:app21ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:5,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C171%7C181%7C191%7C1a*.847999-57777490%7C1a1%7C1b1%7C1c1%7C1c2%7C1c3%7C1d11%7C1e,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:35,oid:0ea4bf10-5e38-11ec-8eeb-0aeb40f66fa8,v:19.8.273,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://www.googletagservices.com/dcm/dcmads.js
Request Chain 283
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEOy7Upv14Unt8Rn7QRNKh4U&google_cver=1&google_push=AYg5qPJoPjCqalTFfcHaI2gXHGVVz80ZxWCq5yxSe1wW91GH29SO2voHB3R92pnMVC2y37DpKq7eejVxCzQZ5YMjBNT7To9S6tFj HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOy7Upv14Unt8Rn7QRNKh4U&google_cver=1&google_push=AYg5qPJoPjCqalTFfcHaI2gXHGVVz80ZxWCq5yxSe1wW91GH29SO2voHB3R92pnMVC2y37DpKq7eejVxCzQZ5YMjBNT7To9S6tFj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJoPjCqalTFfcHaI2gXHGVVz80ZxWCq5yxSe1wW91GH29SO2voHB3R92pnMVC2y37DpKq7eejVxCzQZ5YMjBNT7To9S6tFj
Request Chain 285
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEO3NrgsPDaoI1boNBnNXrE4&google_cver=1&google_push=AYg5qPLmnQIZf6nS9qXSjRVUtKXHq7R3i32Cdj5iC9mnYpN5fATxB3_oENv0BUuN2CGQAxW1V5LiXHkQX1fMrYGyi68UYIqDn_m9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLmnQIZf6nS9qXSjRVUtKXHq7R3i32Cdj5iC9mnYpN5fATxB3_oENv0BUuN2CGQAxW1V5LiXHkQX1fMrYGyi68UYIqDn_m9
Request Chain 286
  • https://match.360yield.com/match/ebda?google_gid=CAESELk5f0yN_te2GmNyC0llGWA&google_cver=1&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESELk5f0yN_te2GmNyC0llGWA&google_cver=1&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm
Request Chain 288
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPl3SFal80TAfJbdBqgbvv0&google_cver=1&google_push=AYg5qPJmKss7p5bXuPbBa3KJ-ZxyeMO-mPBgxmfalQ6NET7fbfw5OxbGc9vmhrqHcVh4uCLpIikHky4O_DOXE90hdW5r7iRXO8VUMQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1DWUpGYXJWRTJ1R3NyS3VDQk1PV1VPV0xrMWl4MHJlR35B&google_push=AYg5qPJmKss7p5bXuPbBa3KJ-ZxyeMO-mPBgxmfalQ6NET7fbfw5OxbGc9vmhrqHcVh4uCLpIikHky4O_DOXE90hdW5r7iRXO8VUMQ
Request Chain 305
  • https://gcdn.2mdn.net/videoplayback/id/63bbe928945447da/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3782394996/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/1B0047B49D9F73FA736010DDCFEE109D224898D3.70BE94C0392B7217CAB55FCDA10B5803A5041331/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-aigl6ner.c.2mdn.net/videoplayback/id/63bbe928945447da/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3782394996/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/81C4A935B28FCC69D097F6D894BB9D80827D0346.32B0DAFFEDB55D2716D1BCB6F1DAACB7894C3A70/key/cms1/cms_redirect/yes/mh/js/mip/2001:ac8:21:23:2da::1/mm/42/mn/sn-aigl6ner/ms/onc/mt/1639635156/mv/m/mvi/3/pl/48/file/file.mp4
Request Chain 314
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED5165pR28dK4HfoV-MeV7c&google_cver=1&google_push=AYg5qPIu3rLASDSJbkbxIxDsspq6fvNsa-8dMi9wpntIKMYxBkWtLo4DIOkRoqFm7rkdqejNavmzApF-OPriK6M-KkoX241trVdP HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIu3rLASDSJbkbxIxDsspq6fvNsa-8dMi9wpntIKMYxBkWtLo4DIOkRoqFm7rkdqejNavmzApF-OPriK6M-KkoX241trVdP&google_hm=SrBtIB99pCTCjUo0IZ9Xeg
Request Chain 315
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENENUPKNImYclO2RlV2lGGM&google_cver=1&google_push=AYg5qPJdv0cYFIJNi-gNUGiT68Y0Ti1tX1k66k4kv3lotvo8qDbuNJt3xtVUD2KPUJEHZUx87X-yswHdzVn4sSxjfCXBkKZk1ev6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=i5lhutpRQgC7wmrIZmGXvg&google_push=AYg5qPJdv0cYFIJNi-gNUGiT68Y0Ti1tX1k66k4kv3lotvo8qDbuNJt3xtVUD2KPUJEHZUx87X-yswHdzVn4sSxjfCXBkKZk1ev6
Request Chain 317
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMGxufMvUvVk3GL_Fb7iAFw&google_cver=1&google_push=AYg5qPIiXvgTB3R0L_U8iOQCq3zAvs9OCHPDaHj7bh7z-I2_uxKdQOocp_M4ExNF2VIJGsMlPBxEsOzFwf1zW9wn1-FDAYE6yChd HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPIiXvgTB3R0L_U8iOQCq3zAvs9OCHPDaHj7bh7z-I2_uxKdQOocp_M4ExNF2VIJGsMlPBxEsOzFwf1zW9wn1-FDAYE6yChd&google_gid=CAESEMGxufMvUvVk3GL_Fb7iAFw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA2Mjg4Mjc4OTA5NDE5MzU3MA%3D%3D&google_push=AYg5qPIiXvgTB3R0L_U8iOQCq3zAvs9OCHPDaHj7bh7z-I2_uxKdQOocp_M4ExNF2VIJGsMlPBxEsOzFwf1zW9wn1-FDAYE6yChd
Request Chain 319
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPl3SFal80TAfJbdBqgbvv0&google_cver=1&google_push=AYg5qPIP4FfqM-iNutSGa1P0koJ9MAqQ3LmnT0bMA4zrg2MSX7BY7CHtbjvQICR60NVckHAZdboaDAqCAqAvRp2BPM4sIdrd1LHBlA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1DWUpGYXJWRTJ1R3NyS3VDQk1PV1VPV0xrMWl4MHJlR35B&google_push=AYg5qPIP4FfqM-iNutSGa1P0koJ9MAqQ3LmnT0bMA4zrg2MSX7BY7CHtbjvQICR60NVckHAZdboaDAqCAqAvRp2BPM4sIdrd1LHBlA
Request Chain 321
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/847999/57777460/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fnationalgeographic.grid.id%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:771792ce-fbaf-ed31-f743-f9726433c57d,c:wWcQLC,sl:outOfView,em:true,fr:false,thd:1,mn:app23ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:4,fm:sRJBDjV+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C171%7C181%7C191%7C1a1%7C1a2%7C1a3%7C1b*.847999-57777460%7C1b1%7C1b2%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1g1,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:34,oid:0ea8b6bd-5e38-11ec-af29-0ad2739237b2,v:19.8.273,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://www.googletagservices.com/dcm/dcmads.js
Request Chain 336
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPRWN-1RQWju55p-UkyfsXk&google_cver=1&google_push=AYg5qPL1gv9UQiAz7cxOCi0GnQB9d9Hrw9ui61P0nAIDudvrLfbP98Pa-VhrfaAEBemLchxpCOsDpy3MByWUyTr0HGqOc1Tv11o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL1gv9UQiAz7cxOCi0GnQB9d9Hrw9ui61P0nAIDudvrLfbP98Pa-VhrfaAEBemLchxpCOsDpy3MByWUyTr0HGqOc1Tv11o&google_hm=NTA3NDc4NzY4Mzc5NTI0NzY3
Request Chain 337
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMEquoMBHLOSaNJZnRSe_CY&google_cver=1&google_push=AYg5qPK272nk5YLsrL-OpO9j-fa3hv4ZaDFee15M-c_pbAsc7WlBwMnuUQPd6yiAO7bzSBLkQGpANAIw_5MYgtZgkQ6pcGRwX2st HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMEquoMBHLOSaNJZnRSe_CY&google_cver=1&google_push=AYg5qPK272nk5YLsrL-OpO9j-fa3hv4ZaDFee15M-c_pbAsc7WlBwMnuUQPd6yiAO7bzSBLkQGpANAIw_5MYgtZgkQ6pcGRwX2st&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FnTbRFG1QLWttSmNpBC4sg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK272nk5YLsrL-OpO9j-fa3hv4ZaDFee15M-c_pbAsc7WlBwMnuUQPd6yiAO7bzSBLkQGpANAIw_5MYgtZgkQ6pcGRwX2st
Request Chain 338
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENGZnlyd7JKlG__prunQd08&google_cver=1&google_push=AYg5qPK7R0pPdLwJ0GXzHUMknBae2boxOxtGHQGnRIbFry4_ht2C14MeZarrd4P9mub1Nv5bJbl1p7vf3VtRd-oZ9uOeL85S_EGN HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENGZnlyd7JKlG__prunQd08&google_cver=1&google_push=AYg5qPK7R0pPdLwJ0GXzHUMknBae2boxOxtGHQGnRIbFry4_ht2C14MeZarrd4P9mub1Nv5bJbl1p7vf3VtRd-oZ9uOeL85S_EGN&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPK7R0pPdLwJ0GXzHUMknBae2boxOxtGHQGnRIbFry4_ht2C14MeZarrd4P9mub1Nv5bJbl1p7vf3VtRd-oZ9uOeL85S_EGN&google_hm=0a115d9be9495e93aa0ef63a
Request Chain 339
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEDvpVWTL-OYWGrO5moceKzg&google_cver=1&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
Request Chain 340
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMGxufMvUvVk3GL_Fb7iAFw&google_cver=1&google_push=AYg5qPJ8x9YJr5okOUzCXsKfOyY72R7rUwjWn4uccwsTz1cHIl7Lo-nqY9fjHF7eNND3aip97MKkUAalPTr13sQLTt6_89fSkso HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA2Mjg4Mjc4OTA5NDE5MzU3MA%3D%3D&google_push=AYg5qPJ8x9YJr5okOUzCXsKfOyY72R7rUwjWn4uccwsTz1cHIl7Lo-nqY9fjHF7eNND3aip97MKkUAalPTr13sQLTt6_89fSkso
Request Chain 341
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOOggavjcs4CvBi66npHjn0&google_cver=1&google_push=AYg5qPL-cPI7tE1J1eVgb0hZpCYiaSptk9a4ZIOMBTQggq0e9q3wSdPfiO-9e5_Ry3vthi5PA-Wbk7-dhfsMWaO2xmWScCQT8fJa_Q HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOOggavjcs4CvBi66npHjn0&google_cver=1&google_push=AYg5qPL-cPI7tE1J1eVgb0hZpCYiaSptk9a4ZIOMBTQggq0e9q3wSdPfiO-9e5_Ry3vthi5PA-Wbk7-dhfsMWaO2xmWScCQT8fJa_Q&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOOggavjcs4CvBi66npHjn0&google_cver=1&google_push=AYg5qPL-cPI7tE1J1eVgb0hZpCYiaSptk9a4ZIOMBTQggq0e9q3wSdPfiO-9e5_Ry3vthi5PA-Wbk7-dhfsMWaO2xmWScCQT8fJa_Q&apid=UP0f389af9-5e38-11ec-af2f-0ab25698202f HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwZjM4OWFmOS01ZTM4LTExZWMtYWYyZi0wYWIyNTY5ODIwMmY%3D&google_push=AYg5qPL-cPI7tE1J1eVgb0hZpCYiaSptk9a4ZIOMBTQggq0e9q3wSdPfiO-9e5_Ry3vthi5PA-Wbk7-dhfsMWaO2xmWScCQT8fJa_Q
Request Chain 347
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED5165pR28dK4HfoV-MeV7c&google_cver=1&google_push=AYg5qPLFdDdEbd6yw2NlwwwZor8C-eTWGkaL-iGe6oo7U6FY92riByLS7zZ9Frp_2Prnd1ogBDbzEAcwZa8_3hcdrxf9WqYPa5Q6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLFdDdEbd6yw2NlwwwZor8C-eTWGkaL-iGe6oo7U6FY92riByLS7zZ9Frp_2Prnd1ogBDbzEAcwZa8_3hcdrxf9WqYPa5Q6&google_hm=SrBtIB99pCTCjUo0IZ9Xeg
Request Chain 348
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENENUPKNImYclO2RlV2lGGM&google_cver=1&google_push=AYg5qPIyvyLLvUQOCOjNYyny4TcIDvJOEm2C02r0cX1Kn1eDIgSkISje92ajhmfu93OyoY4eALcWmxJJ78Sqv3ZhurWsmk7ntJs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=i5lhutpRQgC7wmrIZmGXvg&google_push=AYg5qPIyvyLLvUQOCOjNYyny4TcIDvJOEm2C02r0cX1Kn1eDIgSkISje92ajhmfu93OyoY4eALcWmxJJ78Sqv3ZhurWsmk7ntJs
Request Chain 349
  • https://um.simpli.fi/gp_match?google_gid=CAESEJeaerxaGcwkgpYRxtzSZmE&google_cver=1&google_push=AYg5qPLopiXt8KXEx796-JH75o94suVk-x0Qt3v-_-vGlFDxptKEfvBym7lQBt5OesJqQhbY1l2ilEj7cGPM7HTNqazY3k4m3_xc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EC30756037434F9E8694F59FE6223746&google_push=AYg5qPLopiXt8KXEx796-JH75o94suVk-x0Qt3v-_-vGlFDxptKEfvBym7lQBt5OesJqQhbY1l2ilEj7cGPM7HTNqazY3k4m3_xc
Request Chain 351
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM22PQ0eIwaxW9eutxYBk-8&google_cver=1&google_push=AYg5qPKAjSj0_0Cp26jTDeYExxMZMKBEEpanmZwMlTarf5ZehPQNW3hBWGqE5r6TxYOtbz4mfxpKinRswxkp8l84ZK75p-lBTJXN HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEM22PQ0eIwaxW9eutxYBk-8&google_cver=1&google_push=AYg5qPKAjSj0_0Cp26jTDeYExxMZMKBEEpanmZwMlTarf5ZehPQNW3hBWGqE5r6TxYOtbz4mfxpKinRswxkp8l84ZK75p-lBTJXN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk4NzQzNzcwOTA2ODI3MTY3OA&google_push=AYg5qPKAjSj0_0Cp26jTDeYExxMZMKBEEpanmZwMlTarf5ZehPQNW3hBWGqE5r6TxYOtbz4mfxpKinRswxkp8l84ZK75p-lBTJXN
Request Chain 352
  • https://match.360yield.com/match/ebda?google_gid=CAESELk5f0yN_te2GmNyC0llGWA&google_cver=1&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf
Request Chain 420
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENwoP1Erhdm2Bmswf-aDfcU&google_cver=1&google_push=AYg5qPKiFxJxfxC-oIoWhzRPCkv-jfjfkFTR06QnAKGHNnbt8juoNDsEMPEavoqNIEWAyRB6K4wfUbh_k7XBVy97EeDBv5TrpVk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKiFxJxfxC-oIoWhzRPCkv-jfjfkFTR06QnAKGHNnbt8juoNDsEMPEavoqNIEWAyRB6K4wfUbh_k7XBVy97EeDBv5TrpVk&google_hm=efuhFjPNSY2IAX0Ty35dgw==
Request Chain 421
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPRWN-1RQWju55p-UkyfsXk&google_cver=1&google_push=AYg5qPK0zXSia6_NIAYDtYe1nkUmAqcpghtb0RpHPXNjriYuVHszAFEmm1Qt6VSMujmrDDyzh96RVJ51CikHdFVD2gTN59AxNdI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK0zXSia6_NIAYDtYe1nkUmAqcpghtb0RpHPXNjriYuVHszAFEmm1Qt6VSMujmrDDyzh96RVJ51CikHdFVD2gTN59AxNdI&google_hm=NTA3NDc4NzY4Mzc5NTI0NzY3
Request Chain 422
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM22PQ0eIwaxW9eutxYBk-8&google_cver=1&google_push=AYg5qPLkoGdwsw_OBEJsjJsjGJqxD4wKrpFmmDzrIXo81E4s3rDuxejrp6eM6p7_zsB61FLJBV33YrZMbOmEu-R4Z0PQFkDEsQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk4NzQzNzcwOTA2ODI3MTY3OA&google_push=AYg5qPLkoGdwsw_OBEJsjJsjGJqxD4wKrpFmmDzrIXo81E4s3rDuxejrp6eM6p7_zsB61FLJBV33YrZMbOmEu-R4Z0PQFkDEsQ
Request Chain 424
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOOggavjcs4CvBi66npHjn0&google_cver=1&google_push=AYg5qPKB817SmQE6Qqvpi_5tlOFi9fMtRZrNPTIAsnlH67UC3mJH7th2IOCjpBU9WHeaCxCugfZs3iNqkUbI8FAToOXgOrd_u9M HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOOggavjcs4CvBi66npHjn0&google_cver=1&google_push=AYg5qPKB817SmQE6Qqvpi_5tlOFi9fMtRZrNPTIAsnlH67UC3mJH7th2IOCjpBU9WHeaCxCugfZs3iNqkUbI8FAToOXgOrd_u9M&apid=UP0f389af9-5e38-11ec-af2f-0ab25698202f HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwZjM4OWFmOS01ZTM4LTExZWMtYWYyZi0wYWIyNTY5ODIwMmY%3D&google_push=AYg5qPKB817SmQE6Qqvpi_5tlOFi9fMtRZrNPTIAsnlH67UC3mJH7th2IOCjpBU9WHeaCxCugfZs3iNqkUbI8FAToOXgOrd_u9M
Request Chain 443
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLbSRkmSha9tfTdPeJm0ze5XZ2FwjGFflaCogwam5noVTXkCXNrPVZ_Z9MtA4VWRsLPW7Th64iqMqD18Tk0lgraU0D2seA&google_gid=CAESEC-mT8FzeSKSBk-XiWj2y18&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWJyYVVRQU1VckVLY0FCUg&google_push=AYg5qPLbSRkmSha9tfTdPeJm0ze5XZ2FwjGFflaCogwam5noVTXkCXNrPVZ_Z9MtA4VWRsLPW7Th64iqMqD18Tk0lgraU0D2seA
Request Chain 444
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOco14orfyTGONSBSe6kEl8&google_cver=1&google_push=AYg5qPIMGr6PnPn2cQgnhJdKosIIC8n9EKHmxYL_OPJqLMuM8AFZc4XOK38KRIZKwoG8jmG5Bd5Pg8afX8FxJdrIeiDzI1Qbc04 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWJyYVVRQU1VckVLY0FCUg==&google_gid=CAESEOco14orfyTGONSBSe6kEl8&google_cver=1&google_push=AYg5qPIMGr6PnPn2cQgnhJdKosIIC8n9EKHmxYL_OPJqLMuM8AFZc4XOK38KRIZKwoG8jmG5Bd5Pg8afX8FxJdrIeiDzI1Qbc04
Request Chain 446
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM22PQ0eIwaxW9eutxYBk-8&google_cver=1&google_push=AYg5qPKMxCHyje4jWEBwI1ExFdvkAvjJbwbI1pt6Bj9BYyEJ_IS516Rnv8mlbFFgB0GMC8nsvQXjzVEz7IS143R0GUOT_uJNaWQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk4NzQzNzcwOTA2ODI3MTY3OA&google_push=AYg5qPKMxCHyje4jWEBwI1ExFdvkAvjJbwbI1pt6Bj9BYyEJ_IS516Rnv8mlbFFgB0GMC8nsvQXjzVEz7IS143R0GUOT_uJNaWQ
Request Chain 447
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM22PQ0eIwaxW9eutxYBk-8&google_cver=1&google_push=AYg5qPLyUfBw-1ESnwrHG6vjSb8EZqSkXdh9YLIg5ib9GKiCRYHWCz1mpp7n-jKMZLOzwGHJE2L_g-O_yCWmpCmlZ87pR_507kE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk4NzQzNzcwOTA2ODI3MTY3OA&google_push=AYg5qPLyUfBw-1ESnwrHG6vjSb8EZqSkXdh9YLIg5ib9GKiCRYHWCz1mpp7n-jKMZLOzwGHJE2L_g-O_yCWmpCmlZ87pR_507kE
Request Chain 448
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMEquoMBHLOSaNJZnRSe_CY&google_cver=1&google_push=AYg5qPIuizh9AZg1jfFo7lPApm4a0Cf1fzwJoqrfYgj6sdlzqP-UEKgvudmTgBvD7NiscCS45H94AShchnlS28-PeuYH5O3gpaI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FnTbRFG1QLWttSmNpBC4sg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIuizh9AZg1jfFo7lPApm4a0Cf1fzwJoqrfYgj6sdlzqP-UEKgvudmTgBvD7NiscCS45H94AShchnlS28-PeuYH5O3gpaI
Request Chain 466
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 467
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156479 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTY3NERCNDQtNTFCNS00MEI1LUFEQjUtMjk4REE0MTBCOEIy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAMIkFQJ3Y-FS0eolCGfj8Q&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 519
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4346793115810061751
Request Chain 520
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 521
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7042181034545707158
Request Chain 522
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbraUQAMUrEKcABR&gdpr=0&gdpr_consent=
Request Chain 523
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFLOXJVN0RkYlVBQUQzemw5U0EzQQ&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 524
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 525
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xTK2X_59TvxKS8CzJN1xSVnujtY
Request Chain 526
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4461630230 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/d65b1dce-9306-45da-b9ff-f23cc479c3b4 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003
Request Chain 527
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=y2eyBciv6Ua44GKnm1vvX_Xb
Request Chain 531
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8293686b-9802-4147-88ea-c5c74bc8bc44-tuct8b45fd7&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 532
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 534
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FnTbRFG1QLWttSmNpBC4sg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 535
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8b9961ba-da51-4200-bbc2-6ac8666197be
Request Chain 536
  • https://pixel.onaudience.com/?partner=214&mapped=1674DB44-51B5-40B5-ADB5-298DA410B8B2 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=72fb2970f6fd3e65492c908abba3cd71
Request Chain 538
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8b9961ba-da51-4200-bbc2-6ac8666197be&gdpr=0&gdpr_consent=
Request Chain 539
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d65b1dce-9306-45da-b9ff-f23cc479c3b4
Request Chain 540
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1987437709068271678
Request Chain 541
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4113036491349184853&gdpr=0&gdpr_consent=
Request Chain 542
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=u4KOgenS2dGggIjWu4fBgbzQidKghdSB74LbQ3sA
Request Chain 543
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1674DB44-51B5-40B5-ADB5-298DA410B8B2&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KezUJBFE2uWr_58Fx.qidbJ8kHau51I-~A&gdpr=0&gdpr_consent=
Request Chain 545
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329519890533415&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=79fba116-33cd-498d-8801-7d13cb7e5d83&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 546
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2514676855308932642&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 548
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 549
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:11485d30-ed07-4b10-a3e1-19182aa35e93&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 550
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4113036491349184853

552 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nationalgeographic.grid.id/
Redirect Chain
  • http://nationalgeographic.co.id/
  • https://nationalgeographic.grid.id/
102 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:1000:2:9944:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5e361db1f96f6d40909238f50e8aa52815ce6fbb8c689b24df49f40830b45641
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 16 Dec 2021 06:15:35 GMT
server
nginx
content-encoding
gzip
x-xss-protection
1; mode=block
x-robots-tag
index, follow
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 347732911156afff87ff95b6d55b9279.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
A8DlMf2VaOmn5TKd1ZaMlu04WV8jWd2Hm3G2Lj-wDN0gZl5CacmY-Q==
age
199

Redirect headers

Server
awselb/2.0
Date
Thu, 16 Dec 2021 06:18:55 GMT
Content-Type
text/html
Content-Length
134
Connection
keep-alive
Location
https://nationalgeographic.grid.id:443/
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
2be99b99f418219be8ca7a986038e1a94c5df5b2c91a0c0d9ee35552fbb8fde8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1072 / 792 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26915
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Dec 2021 06:18:55 GMT
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:400,500,600|Roboto:300,400,500,700,900
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0f12ed6744a21d10507ea52d2d6fac2e8ea9ccec2d1042aaadffe44fb7b97a80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 06:18:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 16 Dec 2021 06:18:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Dec 2021 06:18:55 GMT
desktop-natgeo-V2.css
asset-a.grid.id/new_css/ngi/ 		83 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://asset-a.grid.id/new_css/ngi/desktop-natgeo-V2.css?v=JW7KSluH
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
fdbd6755c5984815158d1cfe6597c7cb75273805431fee40e256cb4b4ffd7016

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 09:01:06 GMT
content-encoding
gzip
last-modified
Thu, 07 Oct 2021 08:53:41 GMT
server
nginx
age
6038269
etag
W/"61e490a397d8a2b5135d1713d69c7d1f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
ObPifgnMRZx8GO5tKu.wShSpYckdBqpK
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
content-type
text/css
x-amz-cf-id
8SgnmsfoIGxAjEkRNwUPgnumyPeqPriMaQkU1N9XtQIi2JQZY1q4XQ==
expires
Fri, 07 Oct 2022 09:01:06 GMT
jixietracker.min.js
scripts.jixie.io/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.jixie.io/jixietracker.min.js?accountid=fa9afd31c9c8769a7ae23ef3661ac43f
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.225 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
7b2c2c70b3522ddffbb4f376e6e7207c6153cd28251435f27b4db4ab378a55fa

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 06:43:16 GMT
via
cache19.l2de2[2904,2903,304-0,H], cache18.l2de2[2904,0], cache18.l2de2[2906,0], cache14.de3[0,0,200-0,H], cache7.de3[1,0]
x-oss-request-id
61B98E84D06C7B333260CABA
content-md5
apE1lQ17dhgmNnXbbbuBpA==
age
84939
x-cache
HIT TCP_MEM_HIT dirn:13:547865739
x-oss-cdn-auth
success
x-swift-cachetime
2592000
x-swift-savetime
Wed, 15 Dec 2021 06:43:16 GMT
content-encoding
gzip
content-length
9088
x-oss-object-type
Normal
last-modified
Mon, 15 Nov 2021 06:41:49 GMT
server
Tengine
etag
"6A9135950D7B7618263675DB6DBB81A4"
vary
Accept-Encoding
ali-swift-global-savetime
1639550596
content-type
application/javascript
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
1121897870963362077
eagleid
4f85b19b16396355359747820e
x-oss-server-time
1
grid.id_desktop
delivery.r2b2.io/hb/kompasGramedia/ 		268 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7ff87fffd27717c26dd18f1bbf22eac83b8ba4ef705ed48fc0ad67fc7b913e7a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 16 Dec 2021 06:18:56 GMT
content-encoding
gzip
x-77-nzt-ray
XhAsIEoi+y8=
x-77-cache
HIT
x-cache
HIT
x-age
1602
content-length
79736
x-77-nzt
Abk73BCLGAT/QgYAAA==
x-accel-expires
@1639635734
adt-powered-by
slim
server
CDN77-Turbo
etag
6532ccc4ba0986a8628eddbf58398610
content-type
text/javascript; charset=utf-8
cache-control
s-maxage=1800
accept-ranges
bytes
grid-prebid5.js
ads.gridtechno.com/PREBIDJS.JS/2021/OKT/ 		287 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.93.127 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-93-127.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aeb19cf3b6630f6c1542112fdbcf31b3b047a44b9eff95c72a322b7a0e6a0e07
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:56 GMT
content-encoding
gzip
last-modified
Mon, 25 Oct 2021 07:14:58 GMT
server
nginx
etag
W/"61765972-47be5"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800
x-xss-protection
1; mode=block
expires
Thu, 23 Dec 2021 06:18:56 GMT
gtm.js
www.googletagmanager.com/ 		217 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-526569C
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a011c98d20c8afea31a22879b440100871a16d63d657329ce83062146a0778d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68285
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 Dec 2021 06:18:56 GMT
tag
a.teads.tv/page/77045/ 		1 KB
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/77045/tag
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.142.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-98.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a79d0e828e287adcf8a00b934cb03ae8a87abbf6e65ee22bbb85a39a2e298201

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:56 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
663
expires
Thu, 16 Dec 2021 07:18:56 GMT
native-loader.js
video.unrulymedia.com/native/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/native-loader.js
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.3.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60f1049eda05e15054d13ac449d2087389816a3e95d09340a9f8a6d3042db8d4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:16:30 GMT
content-encoding
gzip
x-amz-expiration
expiry-date="Wed, 13 Dec 2028 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Tue, 14 Dec 2021 19:36:24 GMT
server
AmazonS3
age
146
etag
W/"f26349f2b2807ba7b657bf668146eff4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
SMM2JrirIbg_xb9ERl68XiQvbzNwH6X8
via
1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
cache-control
max-age=600
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
cYV-xY0QGpuGSpzItm4WmE8RZuKby5SWWbnCg2Y9eAq0v4-LtcKS8w==
jquery-1.12.4.min.js
code.jquery.com/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.12.4.min.js
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer
https://nationalgeographic.grid.id/
Origin
https://nationalgeographic.grid.id
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:55 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2016 17:18:54 GMT
server
nginx
etag
"573f46fe-17b8b"
vary
Accept-Encoding
x-hw
1639635535.dop017.ml1.t,1639635535.cds217.ml1.hn,1639635535.cds214.ml1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33738
main.min.js
asset-a.grid.id/new_js/ngi/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset-a.grid.id/new_js/ngi/main.min.js?v=qUFPybt1
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
020b7abbefe06a1902e0d1160e9481ef2e518906dcc5f91bf2ce33f4b1a2341b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 08:16:24 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
last-modified
Wed, 07 Apr 2021 08:13:25 GMT
server
nginx
age
21852151
etag
"a7e13adc6fea0bea853810034669b8d2"
x-cache
Hit from cloudfront
x-amz-version-id
fEE48cbYbjLJB6bbO4.lGx.wtsy1cA4N
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
text/javascript
content-length
1522
x-amz-cf-id
WmkSu9uLUY1_5qwwo6iaESEWRQLLTF5NN4kn5DmxtGrd_q1qtVotRw==
expires
Thu, 07 Apr 2022 08:16:24 GMT
jquery.sticky-kit.min.js
asset-a.grid.id/new_js/ngi/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset-a.grid.id/new_js/ngi/jquery.sticky-kit.min.js?v=ODrPd7Qx
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
79bea76dc8f96aa37e9fc06fb82ff82bea2267a9ce64a87504780328cdd16d1d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 10:39:38 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
last-modified
Wed, 07 Apr 2021 08:13:25 GMT
server
nginx
age
1885157
etag
"f1b1c8321b6b5eb8e017150beda27f7f"
x-cache
Hit from cloudfront
x-amz-version-id
ProoYETIuiLjmC53jda5nynoCseAIbA8
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
text/javascript
content-length
2801
x-amz-cf-id
b9JPO8HExSS9o1-NMAXd7dXSg2kJy2tfqsV8cNNh_5xigKCl1divdA==
expires
Thu, 24 Nov 2022 10:39:38 GMT
slick.min.js
asset-a.grid.id/new_js/ngi/ 		41 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset-a.grid.id/new_js/ngi/slick.min.js?v=Y6JvR1pN
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
79df698ed9c174a5c956bae06db86fbe887414b4833ba9256436983909727e65

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 08:16:24 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
last-modified
Wed, 07 Apr 2021 08:13:25 GMT
server
nginx
age
21852151
etag
"7fc71fb412f3943c6c995da324d0c58e"
x-cache
Hit from cloudfront
x-amz-version-id
mPELsKDSx0NU1XMJ7gh0GVaRbARVa0xT
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
text/javascript
content-length
41674
x-amz-cf-id
qj1502JXiKDrp_DdtodEvGi1C7Cyp27EURHScsdMFUhH3dXZD5A4Aw==
expires
Thu, 07 Apr 2022 08:16:24 GMT
lozad.min.js
asset-a.grid.id/js/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset-a.grid.id/js/lozad.min.js?=v1
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
9529b0a64a297463ef67485e060c33abd87638cb8a07771b50d7766afb0752ac

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 02:08:50 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
last-modified
Mon, 05 Apr 2021 09:19:38 GMT
server
nginx
age
1051805
etag
"b00705116cab67ce2dc48244fcdb9a9f"
x-cache
Hit from cloudfront
x-amz-version-id
DMOXcCPAHJmSaiGoB4JFhbjAT.COxe1x
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/x-javascript
content-length
2203
x-amz-cf-id
JSpCyk3KkIXZ0zAgQmKJwgm4HnbkGI1NDZwiyYYQ6C8glrGYv4C65g==
expires
Sun, 04 Dec 2022 02:08:50 GMT
general.js
asset-a.grid.id/js/ 		949 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset-a.grid.id/js/general.js?=v1
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
0cd99ca2bfb922fb3c52fa43f406bc0e1412628943e6c216c5f002dc4a50e852

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 03:00:21 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
last-modified
Mon, 05 Apr 2021 04:58:02 GMT
server
nginx
age
1912715
etag
"dd75553394fb9ecbdf5e2a3ca5f68587"
x-cache
Hit from cloudfront
x-amz-version-id
8Wp.zWz_aNBDeq9M8ZPYIZOtT7hOoGnZ
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
content-length
949
x-amz-cf-id
l9utLO4RuV2e2oGg48cT9hiSH_Y_mReeE0IobXpsU_EG1Q9qd6kooA==
expires
Thu, 24 Nov 2022 03:00:21 GMT
firebase-app.js
www.gstatic.com/firebasejs/5.5.6/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.5.6/firebase-app.js
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dbdf149ed66d1b3400fbfbe5949d49d850b97d7a33222dfa4326b113b1ecc48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 21:34:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
204264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12419
x-xss-protection
0
last-modified
Thu, 25 Oct 2018 20:51:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="firebase-js"
expires
Tue, 13 Dec 2022 21:34:31 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/5.5.6/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.5.6/firebase-messaging.js
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 21:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
204087
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10096
x-xss-protection
0
last-modified
Thu, 25 Oct 2018 20:51:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="firebase-js"
expires
Tue, 13 Dec 2022 21:37:28 GMT
grid.js
stgrid.kompas.com/kgnotif/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stgrid.kompas.com/kgnotif/grid.js
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-33.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
eef2525c2fdb145070cc666174212f34c138606674ae23e4a7d035a88282a048

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 14:08:19 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
age
23213435
x-cache
Hit from cloudfront
content-length
3685
last-modified
Thu, 17 Dec 2020 08:09:15 GMT
server
nginx
etag
"e920a7927585b8b2b81444732670719e"
access-control-allow-methods
GET, OPTION
x-amz-version-id
W2CwcLzOL_OJd6Yw3VB97tj0aeunI7Cu
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/x-javascript
x-amz-cf-id
n7VTc7mbca6-Cel3UNfD0i-JiZqFe5Yrrcup5NCboZlOnc1P8Ioqag==
expires
Tue, 22 Mar 2022 14:08:19 GMT
sso_g_signin_v2.min.js
asset-a.grid.id/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset-a.grid.id/js/sso_g_signin_v2.min.js?v=1
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
656136cf92d62284887324cf2f49d5fcc708d9d63750670d9bf17c58654561c8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 15:55:24 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
age
9383012
x-amz-meta-origin-date-iso8601
2021-01-22T04:04:52.649Z
x-cache
Hit from cloudfront
content-length
2600
last-modified
Fri, 22 Jan 2021 04:05:13 GMT
server
nginx
etag
"d114e05a70a6a17684fa41c4a8a8076e"
x-amz-version-id
3_BgZYlueXiDhHcBuukL8e7sQKJVkPRk
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/x-javascript
x-amz-cf-id
xXYqByRTSyOccKO78eibvzbrkiiXdDgxRH7OXgNLSeF3dEnyt_9HeQ==
expires
Mon, 29 Aug 2022 15:55:24 GMT
getcookie_sso.min.js
asset-a.grid.id/js/ 		530 B
951 B 		Script
General
Check archive.org
Download Go to
Full URL
https://asset-a.grid.id/js/getcookie_sso.min.js?v=7
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
2a9e0440f6d7e307945f9fc5e65871f45d2c006574f93959e7aede47e763ec91

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 15:57:57 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
last-modified
Mon, 02 Nov 2020 06:43:55 GMT
server
nginx
age
9382858
etag
"088780284be9dd502f8fc9b8bdc91dfe"
x-cache
Hit from cloudfront
x-amz-version-id
yJmO9vMCYAZTjG2biRuqAxhaOa5CThZg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/x-javascript
content-length
530
x-amz-cf-id
CvcreiAvc-UcJaOvRoyHOJ3mIzYE8TIi1BKk4a0OGNxG-T9M_Wxirw==
expires
Mon, 29 Aug 2022 15:57:57 GMT
loader.js
player.ivideosmart.com/ivsplayer/v4/dist/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de::5c7b:b472 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49621e436525b12f63dc7d366cc42e95a0815196991833456ada04bb72080dfb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 16 Dec 2021 06:18:55 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
LHR61-C1
Connection
keep-alive
Akamai-Mon-Iucid-Del
1125181
Content-Length
2943
AMP-Access-Control-Allow-Source-Origin
*
Last-Modified
Wed, 15 Dec 2021 08:10:29 GMT
Server
AmazonS3
ETag
W/"95014da1c864b46a13adbb9d356e14b6"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
TilS4GAzu5mAuAOeP58_r3hhJyc8T-geN2OY5AL3ngoPRPZFZxiTrA==
extender.min.js
asset.kompas.com/data/2021/sso/js/ 		81 B
662 B 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.kompas.com/data/2021/sso/js/extender.min.js
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-80.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e979c6e62ea0f863b394a8fdddc5004b20d64e570e89da5833fc9304ba1970b7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 07:41:32 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
age
686243
x-amz-meta-sha256
e979c6e62ea0f863b394a8fdddc5004b20d64e570e89da5833fc9304ba1970b7
x-cache
Hit from cloudfront
content-length
81
last-modified
Wed, 08 Dec 2021 07:41:05 GMT
server
nginx
etag
"5d5517851c9981b47970fef2042911fe"
access-control-allow-methods
GET, OPTION
x-amz-version-id
QrDkQdjvM4LqprVQ9jZRouGs5HvSyDZ1
access-control-allow-origin
*
expires
Thu, 08 Dec 2022 07:41:32 GMT
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
Rr_D9WLW1Yaf3M_sriAqo4y339-bRJzpHC80K6HedAzktkdP9N5o1w==
x-amz-meta-s3b-last-modified
20211208T073951Z
hbbidsvisit_t
trabd.jixie.io/sync/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://trabd.jixie.io/sync/hbbidsvisit_t?x=1
Requested by
Host: scripts.jixie.io
URL: https://scripts.jixie.io/jixietracker.min.js?accountid=fa9afd31c9c8769a7ae23ef3661ac43f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.43.132.130 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
truncated
/ 		637 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e4c3f81037f03d7851d0dc5bdc30906d542303fad118bd695131a6bd1116dd8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		453 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
267854b1083c97899a2c8cfdb8fa73ce3d3ce304d04145f330654c6a94038ac1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		867 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
795c86ca9140f5ab15efd64e171c82cfbd4306cbac92d9a8d766830ab8587ddf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
014d7fe9e37fd7ea12010975a66e9c6c40bcc0f2e1f281af694d72980e42bd23

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		762 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6bab38dd771d4056ff9339cfec9c45abd47461ab2d930e4c165199e0438dfcf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Dec 2021 06:18:56 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		235 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nationalgeographic.grid.id
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
04af8114d9db8c32055321b67b53ab177f7e1c0da2b43f74e81bacab8c3fb0c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Dec 2021 06:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145
x-xss-protection
0
expires
Thu, 16 Dec 2021 06:18:56 GMT
systemSkin.json
video.unrulymedia.com/system-skin/ 		740 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/system-skin/systemSkin.json
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.3.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dca5d6f7e5b17ce0e464cbee245411efc50c007ccf7dfd32f7ec0fb72655da0f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
HkvbFSbpHnFajRLwx7oLAQHIpcGZRjQB
via
1.1 0247123ccdc6a2a86167d7f4de30885b.cloudfront.net (CloudFront)
etag
"33b9e9023e5edc6704dbf217494663d1"
x-amz-cf-pop
DUS51-P2
x-cache
RefreshHit from cloudfront
access-control-max-age
3000
content-length
740
x-amz-expiration
expiry-date="Wed, 13 Dec 2028 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Tue, 14 Dec 2021 19:39:28 GMT
server
AmazonS3
date
Thu, 16 Dec 2021 06:18:57 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
HEAD, GET
content-type
application/json
access-control-allow-origin
https://nationalgeographic.grid.id
cache-control
max-age=600
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
vSwQEo8sEhti4Wd6_2z4s4hEo7q8QRyLSnVjjAW8NuA7D7JPvLXniQ==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame CF85 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nationalgeographic.grid.id/
Origin
https://nationalgeographic.grid.id
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 19:19:06 GMT
x-content-type-options
nosniff
age
39590
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86709
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Dec 2022 19:19:06 GMT
img
rx-stats3.unrulymedia.com/trackedevent/ 		43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rx-stats3.unrulymedia.com/trackedevent/img?event=tag_load&adslotid=17dc1e4caba2955233aea0d&clientver=v1.0.1737-0-gf2d7995&siteid=1082369&iframe=false&compat=CSS1Compat&pageloadid=17dc1e4caba2f8165c0d7e4&cb=1639635536570&siteenv=html&doc_type=outstream_pread_event
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:56 GMT
server
Tengine
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
43
expires
0
bundle.js
player.ivideosmart.com/ivsplayer/v4/dist/js/ 		250 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/loader.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de::5c7b:b472 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2ffadd6dd473ddf322806d456a31ffb76bd77cf484ceeedbb2c46e0abcf3a9c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 16 Dec 2021 06:18:56 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
LHR61-C1
Connection
keep-alive
Akamai-Mon-Iucid-Del
1125181
Content-Length
69972
AMP-Access-Control-Allow-Source-Origin
*
Last-Modified
Wed, 15 Dec 2021 08:10:29 GMT
Server
AmazonS3
ETag
W/"d69ac41640dc636d0597aaa779cdaf7e"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
u7MDGngKNtsOrz3ZQy04HphxYaMxXHQNipP5kWHCyOBW5mZ4__2rXg==
client
accounts.google.com/gsi/ 		183 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: asset-a.grid.id
URL: https://asset-a.grid.id/js/sso_g_signin_v2.min.js?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bcd37221540418727db6cc5406d89f5eb2ab9c1aae926991c269bf37d5d4bad4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rYziKEzeeOG/OwN95P22mw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-rYziKEzeeOG/OwN95P22mw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/cspreport
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"
expires
Thu, 16 Dec 2021 06:18:56 GMT
user
traid.jixie.io/api/ 		115 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/api/user?info=interests-short,intends-short&idlist=
Requested by
Host: scripts.jixie.io
URL: https://scripts.jixie.io/jixietracker.min.js?accountid=fa9afd31c9c8769a7ae23ef3661ac43f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.43.132.130 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
872ea7ee4063955a38cba12456ee480ea5cdbedb33ce8cddbd6e153f4d21d816

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 16 Dec 2021 06:18:56 GMT
Content-Encoding
gzip
X-Powered-By
Express
ETag
W/"73-BbPPvDZdqRKMyUsMcz11nASK2Jg"
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://nationalgeographic.grid.id
Access-Control-Allow-Credentials
true
Transfer-Encoding
chunked
truncated
/ 		476 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9bf34a4a117795cace257ddf1a2c8002513749a962f2e512823459f55cc3375

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		483 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01d8fa0a4a97cfc72b9c4343d43bd68cd3becfbfa7e2a764d3037eb36e5e2063

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
ngi-natgeo-logo.png
asset-a.grid.id/new_image/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/new_image/ngi-natgeo-logo.png
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
91f1aa49deaf5d0dd65c0ac747f9717f8fa036b8b12ca43fcad75e96e772866e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 04:05:17 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
last-modified
Mon, 09 Nov 2020 03:56:04 GMT
server
nginx
age
9252819
etag
"75a612ef264304905a85adf8df0c47e3"
x-cache
Hit from cloudfront
x-amz-version-id
YM4AzjGN1gyv5dd4xxril.Qx7YjcwcnW
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
6487
x-amz-cf-id
4GLDLqX9zveyXQW6Y52z8fcgCEpl0Od35qIqChYfVP5dFMu9MfCdMQ==
expires
Wed, 31 Aug 2022 04:05:17 GMT
natgeo-icon.png
asset-a.grid.id/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/img/natgeo-icon.png
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
0f9c1717291343eafec960d5abc6ffb183d3260ea8499cce78c48258dbdbe8b5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 06 Feb 2021 03:07:38 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
last-modified
Fri, 01 Mar 2019 12:27:38 GMT
server
nginx
age
27054678
etag
"f5689e344025e4458f1a83e17f5d8e02"
x-cache
Hit from cloudfront
x-amz-version-id
null
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
1461
x-amz-cf-id
Kh_IV7O7ZYw7ind95d0FBKcG0TZbZqFYi5m_uZAGMkoAqXHmyKHpYA==
expires
Sun, 06 Feb 2022 03:07:38 GMT
2021_1102_03464100jpg-20211106100253.jpg
asset-a.grid.id/crop/0x0:0x0/750x520/photo/2021/11/06/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/crop/0x0:0x0/750x520/photo/2021/11/06/2021_1102_03464100jpg-20211106100253.jpg
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
676359d034469f417493da2135aa2df7914cb6959480248cfc9c0d87d2e3b92c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 03:28:17 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
server
nginx
age
3379839
etag
"69ba5c67cafe2cbef5d1748eab6226f9223ccc23"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
content-length
59024
x-amz-cf-id
pr5hctH-D9QjOEvwaJ2zvEkojTccUvhSdAMUtep19AUp9Dxkpr3EJw==
expires
Mon, 07 Nov 2022 03:28:17 GMT
andromeda-jpg-20211105050817.jpg
asset-a.grid.id/crop/0x0:0x0/750x520/photo/2021/11/05/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/crop/0x0:0x0/750x520/photo/2021/11/05/andromeda-jpg-20211105050817.jpg
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
caac8746ff2afd391c74e9b00c2d8f63e6c4f1dc7901567000ad3278c678a945

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 00:30:49 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
server
nginx
age
2699287
etag
"0707694a477f48f4d1bd5fec29a04c5ed3d415f1"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
content-length
52608
x-amz-cf-id
ihmZPU0Qfz2rsV8300EMdFUQzI6hUzgSi-oa92aiSlTfBF5J3G6eOQ==
expires
Tue, 15 Nov 2022 00:30:49 GMT
stokerjpg-20211106094935.jpg
asset-a.grid.id/crop/0x0:0x0/750x520/photo/2021/11/06/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/crop/0x0:0x0/750x520/photo/2021/11/06/stokerjpg-20211106094935.jpg
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
de398cef5e0bbe384fc276a961138d8db9fdda2e1a2c8e7c46ca759bdca14640

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 14:18:33 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
server
nginx
age
2390422
etag
"619c1c87484a44739973eeb596ea4bebd205cc0b"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
content-length
31032
x-amz-cf-id
Z8lOUmzrklCOXWGRTCu714Rb2RASe5p6Akt8NjVK5qfYl6XtOeHYXA==
expires
Fri, 18 Nov 2022 14:18:33 GMT
1jpg-20211104110508.jpg
asset-a.grid.id/crop/0x0:0x0/750x520/photo/2021/11/04/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/crop/0x0:0x0/750x520/photo/2021/11/04/1jpg-20211104110508.jpg
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
da398887987ebe2b9ca0d31bab4be8d537abe847253d0f203d84f8caa6abf234

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 14:18:34 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
server
nginx
age
2390422
etag
"98ce63610ddd4b51502ffd4be5e11793263971f7"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
content-length
42483
x-amz-cf-id
ABlpRpFeW75frJKTKw853TdtNxR9iAT8mhZiHQzmkjIyluJGrLoJSw==
expires
Fri, 18 Nov 2022 14:18:34 GMT
11ajpg-20211103094920.jpg
asset-a.grid.id/crop/0x0:0x0/220x220/photo/2021/11/03/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/crop/0x0:0x0/220x220/photo/2021/11/03/11ajpg-20211103094920.jpg
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
21108ed248c0dcee6c882cffa34d69e67aa645f80e78ba1b7b0c37e29fca2e4c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 20:12:42 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
server
nginx
age
2455574
etag
"5ac5292a05717c69347ef280941c50e1e04e454f"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
content-length
9124
x-amz-cf-id
njkV8g-UQYDjG_4Q8-znJAwYi2V9BujIHyiHxw9sfpUSf3PVJr29Mg==
expires
Thu, 17 Nov 2022 20:12:42 GMT
basilosaurusjpg-20210730090818.jpg
asset-a.grid.id/crop/0x0:0x0/220x220/photo/2021/07/30/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/crop/0x0:0x0/220x220/photo/2021/07/30/basilosaurusjpg-20210730090818.jpg
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
7fe2c3b0ceb44bdfe9ef909e40e1c1ec8601fdff5be704bf380fb2803de3a716

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 02:15:02 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
server
nginx
age
4853034
etag
"6369584916421ab099ae109753cfcc543db9b10a"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
content-length
7684
x-amz-cf-id
nqPz7K1wyvdEB164qmqp71ByDOLN2THxQLeLhOxsH2NCV8q0sD3ZcA==
expires
Fri, 21 Oct 2022 02:15:02 GMT
kepala-1jpg-20211103050105.jpg
asset-a.grid.id/crop/0x0:0x0/220x220/photo/2021/11/03/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/crop/0x0:0x0/220x220/photo/2021/11/03/kepala-1jpg-20211103050105.jpg
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
d88522ded868c9364a5256c33de5aa87a534eedb1d012fa35fbf595d1007d3ee

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 07 Nov 2021 03:28:16 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
server
nginx
age
3379840
etag
"9d0fc84c4d34903c6bd8d40caea8eef4cca570f9"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
content-length
15480
x-amz-cf-id
qA3ifl1jO1TDbyxmbNuXOuxNvnWvGqoPOjdJQC92CFvL8MFiFh9Dhg==
expires
Mon, 07 Nov 2022 03:28:16 GMT
australia-wildfire-jan-2020jpg-20210513051519.jpg
asset-a.grid.id/crop/0x275:560x695/345x242/photo/2021/05/13/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/crop/0x275:560x695/345x242/photo/2021/05/13/australia-wildfire-jan-2020jpg-20210513051519.jpg
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
d9cf9a0d9992b5d9ad4df82ad98abfe3d16fe49a5bd3f10d7cfc6a5680fef67d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:10:28 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
server
nginx
age
508
etag
"44629566b7922e245ec881b2c48a6ed169b81b33"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
content-length
12337
x-amz-cf-id
NK0MOuYsJZGdVTlKizvXd79oOvnriw8blzOvGML1RSSqx0_InFmq2w==
expires
Fri, 16 Dec 2022 06:10:28 GMT
ikan-barreleyejpg-20211214060528.jpg
asset-a.grid.id/crop/102x0:810x414/95x95/photo/2021/12/14/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/crop/102x0:810x414/95x95/photo/2021/12/14/ikan-barreleyejpg-20211214060528.jpg
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
87585f78a2a5fd5859e3540a1a6a010d211b04649b6cc5f11ac157655981e212

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 21:35:33 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
server
nginx
age
31403
etag
"ee453d99ce12f52146f2e9a6e52ac980d1c5e5a3"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
content-length
2100
x-amz-cf-id
Rqy2TZmZjcbMn4m_CwwtVPZ9-y3mFR7nf4YO6DnElPSPa7SLb4WLgg==
expires
Thu, 15 Dec 2022 21:35:33 GMT
cheribonjpg-20211205082908.jpg
asset-a.grid.id/crop/0x0:0x0/95x95/photo/2021/12/05/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/crop/0x0:0x0/95x95/photo/2021/12/05/cheribonjpg-20211205082908.jpg
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
b9876b883579f27e9579e2f9da8deeaa71cf61640c3215a3a469e48224b78358

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 03:04:36 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
server
nginx
age
11660
etag
"55df8ee48f1141459dce7dfc94cb3fc226862022"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
content-length
3374
x-amz-cf-id
k2-A-CDqTPBTxJIXD7g4-47eDkBDhshcQfe0q3KwoWHK7Pu3uPHe0g==
expires
Fri, 16 Dec 2022 03:04:36 GMT
publishertag.standalone.js
static.criteo.net/js/ld/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.standalone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://nationalgeographic.grid.id
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 16 Dec 2021 06:18:56 GMT
expires
Fri, 17 Dec 2021 06:18:56 GMT
cache-control
max-age=86400
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-max-age
86400
publishertag.standalone.js
static.criteo.net/js/ld/ 		91 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.standalone.js
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
33eab5c2f0e3dd967e917f34bf9044ef280a1c73501414c1da75251664e04861

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/javascript

Response headers

date
Thu, 16 Dec 2021 06:18:56 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:11 GMT
server
nginx
etag
W/"618cb99f-16bee"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 17 Dec 2021 06:18:56 GMT
translator
openbid.pubmatic.com/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.208 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://nationalgeographic.grid.id
Date
Thu, 16 Dec 2021 06:18:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
r2b2-emea.adnxs.com/ut/v3/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.217 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
880.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a8e2a57103f338dd64ad7f8a2d8191dd7b23c82c2371223fc97a29140a492fa4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 16 Dec 2021 06:18:56 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 880.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1031a4cb-3228-476f-b0da-09791a2ad1c1
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://nationalgeographic.grid.id
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
openbid.pubmatic.com/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.208 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://nationalgeographic.grid.id
Date
Thu, 16 Dec 2021 06:18:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
r2b2-emea.adnxs.com/ut/v3/ 		162 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.217 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
880.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
154f964dd80cc9ae060d650a9796b30a560afd0db89a5c4a693af0d50f2320ae
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:18:56 GMT
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 880.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
58f025c1-14a4-4bbd-9d0f-cd9d2d6aa961
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://nationalgeographic.grid.id
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
162
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
openbid.pubmatic.com/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.208 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://nationalgeographic.grid.id
Date
Thu, 16 Dec 2021 06:18:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
r2b2-emea.adnxs.com/ut/v3/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.217 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
880.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
075e76a3c745d49c10187f975555e542f71a307323dc557da26e0ca6ed422d78
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 16 Dec 2021 06:18:56 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 880.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0bbb545e-9ae0-4468-adfc-9925594d2192
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://nationalgeographic.grid.id
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:55 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b12%3b123
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://nationalgeographic.grid.id
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
translator
openbid.pubmatic.com/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.208 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://nationalgeographic.grid.id
Date
Thu, 16 Dec 2021 06:18:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
r2b2-emea.adnxs.com/ut/v3/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.217 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
880.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
905fda12a027c0166c312e15c405bf407f2e6c0a520cb133423d71a244b223a5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 16 Dec 2021 06:18:56 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 880.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
43691df5-66a9-46a0-95f6-d1478ee1c623
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://nationalgeographic.grid.id
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
openbid.pubmatic.com/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openbid.pubmatic.com/translator?pubId=158361
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.208 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://nationalgeographic.grid.id
Date
Thu, 16 Dec 2021 06:18:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
prebid
r2b2-emea.adnxs.com/ut/v3/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r2b2-emea.adnxs.com/ut/v3/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.217 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
880.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
bce60bfe080c88aa73346a9176b1a630bb9222cb0f8310ceb2ce465f0500a197
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 16 Dec 2021 06:18:56 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 880.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a5abb34c-9f0f-4baa-a89e-443362643a9e
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://nationalgeographic.grid.id
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
elementsjpg-20211213100705.jpg
asset-a.grid.id/crop/0x0:0x0/95x95/photo/2021/12/13/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/crop/0x0:0x0/95x95/photo/2021/12/13/elementsjpg-20211213100705.jpg
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
38dbae32ebce629b55095d63cf4867debd2e1d72beb098c2800901607fbd270f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 21:37:59 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
server
nginx
age
31256
etag
"b809f1cf37d33baeb8868b4341c0c1ba35a3c92a"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
content-length
3793
x-amz-cf-id
OdMOcroMOHF18bL_YjjYW4haobCHix_Md2vP1n_odsm0h6S8wfhV3g==
expires
Thu, 15 Dec 2022 21:37:59 GMT
js
www.googletagmanager.com/gtag/ 		163 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JL4WNPXLQ8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-526569C
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4341b76ade3129f6736410fd93575e6722f2604dee1a332a6d2c2ea2b45d36dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61800
x-xss-protection
0
expires
Thu, 16 Dec 2021 06:18:56 GMT
js
www.googletagmanager.com/gtag/ 		164 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DEHFJ8M3W4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-526569C
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4642e07e0c3f759d78e80ccf78459cd4432537f80c2bb1d9c7784842c52b795f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61880
x-xss-protection
0
expires
Thu, 16 Dec 2021 06:18:56 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-526569C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4670
date
Thu, 16 Dec 2021 05:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 16 Dec 2021 07:01:06 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-5.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
20088690
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-P1
X-Amz-Cf-Id
lDFXW4lTvgWLCP7uOzmsI0j3IpwI2fIm3lEN_dPxnY6DsN808WfSbg==
css
fonts.googleapis.com/ 		8 KB
813 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700|Roboto+Condensed:400,300
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6aeaca5eaed6fff9a71fc05e01e896b97db39141fcb4b0bbff8a08fc8754f451
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 06:18:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 16 Dec 2021 06:18:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Dec 2021 06:18:56 GMT
related-global.min.js
asset.kompas.com/data/2020/widget/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.kompas.com/data/2020/widget/related-global.min.js
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-80.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
39e69f7c957c9b903db9295c8cfb8c81acff20df04cc63c6d9d153753023f388

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
9mRSvhbLoEBz1hVVwfAHjR8NoejWQc5i
content-encoding
gzip
etag
W/"f0c13c72614b22c7e2bd9bd4631cf56e"
age
1303536
x-amz-meta-sha256
39e69f7c957c9b903db9295c8cfb8c81acff20df04cc63c6d9d153753023f388
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 12 Apr 2021 05:27:17 GMT
server
nginx
date
Wed, 01 Dec 2021 04:13:19 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
content-type
application/javascript; charset=UTF-8
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
expires
Thu, 01 Dec 2022 04:13:19 GMT
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
PBfSQzorWK9hDnOAi_SSAjR8y0yqd9yu1hpEtot8HfkWOMb9msCReg==
x-amz-meta-s3b-last-modified
20210412T052707Z
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=8077308&ns__t=1639635536800&ns_c=UTF-8&c8=National%20Geographic%20Indonesia&c7=https%3A%2F%2Fnationalgeographic.grid.id%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=8077308&ns__t=1639635536800&ns_c=UTF-8&c8=National%20Geographic%20Indonesia&c7=https%3A%2F%2Fnationalgeographic.grid.id%2F&c9=
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=8077308&ns__t=1639635536800&ns_c=UTF-8&c8=National%20Geographic%20Indonesia&c7=https%3A%2F%2Fnationalgeographic.grid.id%2F&c9=
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Server
143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-87.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:56 GMT
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
xFVjPZODlG5qD7XH8DTwNfTdB8-Aouab3zimeimQjoGi5_IpVSnGyA==
x-cache
Miss from cloudfront

Redirect headers

date
Thu, 16 Dec 2021 06:18:56 GMT
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=8077308&ns__t=1639635536800&ns_c=UTF-8&c8=National%20Geographic%20Indonesia&c7=https%3A%2F%2Fnationalgeographic.grid.id%2F&c9=
content-length
192
x-amz-cf-id
oJfH_S3ou24MtCzUVcvc5WLF3dq1cqJW91z64tQq_xxcLe9pRuAl6w==
native_v1.0.1737-0-gf2d7995.js
video.unrulymedia.com/native/ Frame CF85 		72 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/native_v1.0.1737-0-gf2d7995.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.3.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
202b188608427151eb39aed3c2f58f3afe8b854f9ef9d3532e7c6463d7801496

Request headers

Referer
https://nationalgeographic.grid.id/
Origin
https://nationalgeographic.grid.id
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 19:59:20 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
123577
x-cache
Hit from cloudfront
access-control-allow-origin
https://nationalgeographic.grid.id
x-amz-expiration
expiry-date="Wed, 13 Dec 2028 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Tue, 14 Dec 2021 12:24:51 GMT
server
AmazonS3
etag
W/"9f6d42cf0ac77c92fc8aaccdba4cb0f4"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
x-amz-version-id
NErF82bDX.2.hcAjzWdIsCB34wbBdW5e
via
1.1 0247123ccdc6a2a86167d7f4de30885b.cloudfront.net (CloudFront)
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
jwSUGMu5iuEPJ6HJGlH7wapNf-lB1dSPdaqU5FRKU9jayeedFSNaSA==
bugsnag.min.js
d2wy8f7a9ursnm.cloudfront.net/v6/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v4/dist/js/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-199.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 01 Mar 2021 18:06:24 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 05 Feb 2020 15:23:02 GMT
Server
AmazonS3
Age
25013553
ETag
W/"e63788b8657ac52b3cdbb970e551c2a4"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=UTF-8
Via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
Cache-Control
public, max-age=315360000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
pwnnTZR6-RcjJozr_kq-9xjRh7pXoLkyOgUQuwZEC1IMdjWxcxSuaA==
teads-format.min.js
s8t.teads.tv/media/format/v3/ 		600 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/77045/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:199::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3b0c9399b95682009c5bc6479b60026b1463da74dbba7b7fa9d9a46a98889bac

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:56 GMT
content-encoding
br
vary
Accept-Encoding
x-amz-request-id
AKC61Q4QPSZKCF39
content-length
134078
x-amz-id-2
tItPaQdjHpmNs0B75/aosBOpXHVxOP4raCle645YP1vbbtLGVSSMLc1JR4nNIAY/crXl7Zl4LoU=
last-modified
Tue, 14 Dec 2021 13:15:12 GMT
etag
"1577e17645384c393fb24d016a9c2cca"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials
false
x-bucket
3
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 16 Dec 2021 06:48:56 GMT
nationalgeographic-grid
apis.kompas.com/api/v2/related/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apis.kompas.com/api/v2/related/nationalgeographic-grid
Requested by
Host: asset.kompas.com
URL: https://asset.kompas.com/data/2020/widget/related-global.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-96.fra50.r.cloudfront.net
Software
nginx / PHP/7.3.28
Resource Hash
0f71e20e99ec986583a4ef29196de57e72871da98b83feb2fa093fae2053ea69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryr3OfEwXPUacYRgiD

Response headers

date
Thu, 16 Dec 2021 06:18:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
x-powered-by
PHP/7.3.28
x-cache
Miss from cloudfront
mail-subject
Join_via_header
we-hiring
jobs@kompas.com
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://nationalgeographic.grid.id
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control
private, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With, X-Prototype-Version, Origin, Allow, *
x-amz-cf-id
sQxlxuQqHHfjwZDBpYRn9wMdN5d7POJOPyrwTJqRX1xVsHHKgaQVFw==
expires
-1
img
rx-stats3.unrulymedia.com/trackedevent/ Frame CF85 		43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rx-stats3.unrulymedia.com/trackedevent/img?event=native_ad_load&videoplcmt=%5B%5D&siteid=1082369&devicetype=desktop&pageloadid=17dc1e4caba2f8165c0d7e4&siteenv=html&doc_type=outstream_pread_event&clientver=v1.0.1737-0-gf2d7995&adslotid=17dc1e4caba2955233aea0d&cb=1639635536883
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:56 GMT
server
Tengine
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
43
expires
0
img
rx-stats3.unrulymedia.com/trackedevent/ Frame CF85 		43 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rx-stats3.unrulymedia.com/trackedevent/img?event=consent&videoplcmt=%5B%5D&siteid=1082369&devicetype=desktop&pageloadid=17dc1e4caba2f8165c0d7e4&siteenv=html&perfconsentstart=1639635536921&perfconsentend=1639635536921&perfcorejsstart=1639635536570&perfcorejsend=1639635536921&doc_type=outstream_pread_event&clientver=v1.0.1737-0-gf2d7995&adslotid=17dc1e4caba2955233aea0d&cb=1639635536922&message=could%20not%20find%20__cmp%20function%20on%20any%20window
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:56 GMT
server
Tengine
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
43
expires
0
collect
stats.g.doubleclick.net/j/ 		7 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-19394023-9&cid=1543323936.1639635537&jid=1792413233&gjid=1474627197&_gid=1899568611.1639635537&_u=YGBAgEABAAAAAE~&z=1067117061
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 16 Dec 2021 06:18:56 GMT
content-type
text/plain
access-control-allow-origin
https://nationalgeographic.grid.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=59601235&t=pageview&_s=1&dl=https%3A%2F%2Fnationalgeographic.grid.id%2F&ul=en-us&de=UTF-8&dt=National%20Geographic%20Indonesia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1792413233&gjid=1474627197&cid=1543323936.1639635537&tid=UA-19394023-9&_gid=1899568611.1639635537&gtm=2wgc10526569C&cd1=&cd2=&cd3=&cd4=&cd5=&cd6=&cd7=&cd8=&cd9=&cd10=&cd11=&cd12=&cd13=National%20Geographic&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=&cd23=0&cd24=NaN&cd25=NaN&cd26=NaN&cd27=1543323936.1639635537&z=1238777581
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 18:56:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40944
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
354 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-JL4WNPXLQ8&gtm=2oec10&_p=59601235&sr=1600x1200&_gaz=1&ul=en-us&cid=1543323936.1639635537&_s=1&dl=https%3A%2F%2Fnationalgeographic.grid.id%2F&dt=National%20Geographic%20Indonesia&sid=1639635536&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JL4WNPXLQ8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalgeographic.grid.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JL4WNPXLQ8&cid=1543323936.1639635537&gtm=2oec10&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JL4WNPXLQ8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalgeographic.grid.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JL4WNPXLQ8&cid=1543323936.1639635537&gtm=2oec10&aip=1&z=1032293781
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-DEHFJ8M3W4&gtm=2oec10&_p=59601235&sr=1600x1200&_gaz=1&ul=en-us&cid=1543323936.1639635537&_s=1&dl=https%3A%2F%2Fnationalgeographic.grid.id%2F&dt=National%20Geographic%20Indonesia&sid=1639635536&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DEHFJ8M3W4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalgeographic.grid.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DEHFJ8M3W4&cid=1543323936.1639635537&gtm=2oec10&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DEHFJ8M3W4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nationalgeographic.grid.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DEHFJ8M3W4&cid=1543323936.1639635537&gtm=2oec10&aip=1&z=761487795
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=National%20Geographic%20Indonesia&time=1639635537039&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fnationalgeographic.grid.id%2F&random_number=3904216088&sess_cookie=3d796c4e17dc1e4cc8f109c5de1&sess_cookie_flag=1&user_cookie=3d796c4e17dc1e4cc8f109c5de1&user_cookie_flag=1&dynamic=true&domain=grid.id&account=qEBKj1a8wt008P&jsv=20130128&user_lang=en-US
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-21.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 16 Dec 2021 04:15:12 GMT
Via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
7425
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA2-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
8Ix5ssnS2RlIvm92LczG1Kv51ZTyiQuNFq6Z2LP9QWK7qg74z0GvIg==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.18.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-18-79.us-west-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:57 GMT
server
Server
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-19394023-9&cid=1543323936.1639635537&jid=1792413233&_u=YGBAgEABAAAAAE~&z=1591109229
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-19394023-9&cid=1543323936.1639635537&jid=1792413233&_u=YGBAgEABAAAAAE~&z=1591109229
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
style
accounts.google.com/gsi/ 		658 B
440 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host:
URL: /_/gsi/_/js/k=gsi.gsi.en_GB.OaXKJqQLkXE.O/am=4iI/d=1/rs=AF0KOtXYIo_RGpJaUh3Rfuzj3Nk96eFFbw/m=gis_client_library
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98089a1caaeab7cde0df23540e16fb5e3fe46c07819c23fb63c0854a64381260
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-56hnDOVQj1Px3jJFzGxLOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-56hnDOVQj1Px3jJFzGxLOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/cspreport
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"
expires
Thu, 16 Dec 2021 06:18:56 GMT
skin-1082369.json
video.unrulymedia.com/native/skins/ Frame CF85 		736 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/skins/skin-1082369.json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.3.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9855702b5b237c63644afdedef63d59efa873e47237ccd7eea82a1fc4e4b4fa

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
NKwruH0T_XZ4sxjocPW64y2SebFHTi7n
via
1.1 0247123ccdc6a2a86167d7f4de30885b.cloudfront.net (CloudFront)
etag
"5dc087cbe43b63ebde53638ce0081642"
age
798
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
736
x-amz-expiration
expiry-date="Wed, 06 Dec 2028 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Tue, 07 Dec 2021 22:32:53 GMT
server
AmazonS3
date
Thu, 16 Dec 2021 06:05:39 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
HEAD, GET
content-type
application/json
access-control-allow-origin
https://nationalgeographic.grid.id
cache-control
max-age=3600
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-cf-id
fVpbltk1PPQINB1Ae1mAhpAKgDANxL6Z4T3FB2aCW7vg0ZwXk8gCnA==
third-party-iframes.html
video.unrulymedia.com/iframes/ Frame F784 		372 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/iframes/third-party-iframes.html?clientver=v1.0.1737-0-gf2d7995&siteId=1082369
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native_v1.0.1737-0-gf2d7995.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.3.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e0667e8795cbdb369cf33057b3aec0949e317f6e3875d22257d95e5f24c8570

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/

Response headers

content-type
text/html
content-length
372
date
Wed, 15 Dec 2021 17:10:28 GMT
last-modified
Wed, 15 Dec 2021 17:10:15 GMT
etag
"f0e6b953574eb743e1147afe2e56273a"
x-amz-version-id
JjD6v9pSL4WJlhsvN3i6BgCQmNRuyT2A
accept-ranges
bytes
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
dZo-JCPXwaOq4su_StWxqGo1lqHKhUggEQPjyagkuTAxcYmLqLZJyg==
age
47309
wigo-no-slot
sync.teads.tv/ Frame 2FEE 		325 B
486 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/wigo-no-slot
Requested by
Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/

Response headers

content-type
text/html; charset=UTF-8
server
akka-http/10.2.6
content-length
325
expires
Thu, 16 Dec 2021 06:18:56 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Thu, 16 Dec 2021 06:18:56 GMT
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=ba5f925f-ab3d-4a4d-87ce-0a12dfbc98b2&pageId=77045&pid=83430&debug_metadata=xkXloRxEud&fv=928&ts=1639635537296&f=1&referer=https%3A%2F%2Fnationalgeographic.grid.id%2F
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.142.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-98.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:57 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=noSlot-selector&env=js-web&auctid=ba5f925f-ab3d-4a4d-87ce-0a12dfbc98b2&pageId=77045&pid=83430&fv=928&ts=1639635537302&f=1&referer=https%3A%2F%2Fnationalgeographic.grid.id%2F
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.142.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-98.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:57 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
third-party-iframes-3779cd90e9cd332f619f.js
video.unrulymedia.com/native/third-party-iframes/ Frame F784 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-3779cd90e9cd332f619f.js
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/iframes/third-party-iframes.html?clientver=v1.0.1737-0-gf2d7995&siteId=1082369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.3.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1c26a5bb3bfa77f5fb1ce077d595df17950c0380ffc566324daa13bbac0bf66

Request headers

Referer
https://video.unrulymedia.com/iframes/third-party-iframes.html?clientver=v1.0.1737-0-gf2d7995&siteId=1082369
Origin
https://video.unrulymedia.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 19:36:30 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
124947
x-cache
Hit from cloudfront
access-control-allow-origin
https://video.unrulymedia.com
x-amz-expiration
expiry-date="Wed, 13 Dec 2028 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified
Tue, 14 Dec 2021 19:36:27 GMT
server
AmazonS3
etag
W/"dbf069ad8616d41d45064252ed87600d"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
x-amz-version-id
t4aYbxyOip5KvOqim0WwUA5VHSa_dIWG
via
1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
cache-control
max-age=63072000
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
thyyOU996qPkMODjMbS0eaPMeCIdk-PY_k_9kgtyQ6Drpc6oIA86lg==
checkp
usermatch.targeting.unrulymedia.com/usermatch/all/ Frame F784 		589 B
679 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/usermatch/all/checkp?siteId=1082369&callback=checkpCallback
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-3779cd90e9cd332f619f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
ec6cb1ecb7a1a6b2fc9d46770a569eb42dfbbee2f4e845c7d9436229041e94d3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://video.unrulymedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:57 GMT
server
Tengine
content-length
589
content-type
text/javascript
RX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003
sync.targeting.unrulymedia.com/csync/ Frame 7505
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=unrulyx&siteId=1082369
  • https://x.bidswitch.net/ul_cb/sync?ssp=unrulyx&siteId=1082369
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=unrulyx&bsw_custom_parameter=79fba116-33cd-498d-8801-7d13cb7e5d83
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk281ee156-c7f2-42d7-8fa2-08e622c08a03&expires=7&user_group=5&ssp=unrulyx&bsw_param=79fba116-33cd-498d-8801-7d13cb7e5d83
  • https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/79fba116-33cd-498d-8801-7d13cb7e5d83?gdpr=&gdpr_consent=
  • https://sync.1rx.io/usersync/bidswitch/79fba116-33cd-498d-8801-7d13cb7e5d83?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003
43 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-3779cd90e9cd332f619f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://video.unrulymedia.com/

Response headers

server
Tengine
date
Thu, 16 Dec 2021 06:18:59 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Thu, 16 Dec 2021 06:18:59 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003
RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
sync.targeting.unrulymedia.com/csync/ Frame 5988
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Floopme%2F%7Bdevice_id%7D&siteId=1082369
  • https://usermatch.targeting.unrulymedia.com/usermatch/loopme/1297cd00-9f9f-4d81-b87f-7e44e20ea8bb?siteId=1082369
  • https://sync.1rx.io/usersync/loopme/1297cd00-9f9f-4d81-b87f-7e44e20ea8bb?siteId=1082369
  • https://sync.1rx.io/usersync/loopme/1297cd00-9f9f-4d81-b87f-7e44e20ea8bb?zcc=1&dspret=0&cb=1639635537366
  • https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
43 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-3779cd90e9cd332f619f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://video.unrulymedia.com/

Response headers

server
Tengine
date
Thu, 16 Dec 2021 06:18:57 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Thu, 16 Dec 2021 06:18:57 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
RX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003
sync.targeting.unrulymedia.com/csync/ Frame 9CED
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=23&redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcrimtan%2F%5Buser_id%5D&siteId=1082369
  • https://usermatch.targeting.unrulymedia.com/usermatch/crimtan/ff925d1dc5ff493ca6f3bcbe6c902b97
  • https://sync.1rx.io/usersync/crimtan/ff925d1dc5ff493ca6f3bcbe6c902b97
  • https://sync.1rx.io/usersync/crimtan/ff925d1dc5ff493ca6f3bcbe6c902b97?zcc=1&dspret=0&cb=1639635537652
  • https://sync.targeting.unrulymedia.com/csync/RX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003
43 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-3779cd90e9cd332f619f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://video.unrulymedia.com/

Response headers

server
Tengine
date
Thu, 16 Dec 2021 06:18:57 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Thu, 16 Dec 2021 06:18:57 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003
RX-e6decb3f-9be4-4dc6-a217-be8c7587bbd1-003
sync.targeting.unrulymedia.com/csync/ Frame 0B14
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fappnexus%2F%24UID
  • https://usermatch.targeting.unrulymedia.com/usermatch/appnexus/4113036491349184853
  • https://sync.1rx.io/usersync/appnexus/4113036491349184853
  • https://sync.1rx.io/usersync/appnexus/4113036491349184853?zcc=1&dspret=0&cb=1639635537333
  • https://sync.targeting.unrulymedia.com/csync/RX-e6decb3f-9be4-4dc6-a217-be8c7587bbd1-003
43 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-e6decb3f-9be4-4dc6-a217-be8c7587bbd1-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-3779cd90e9cd332f619f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://video.unrulymedia.com/

Response headers

server
Tengine
date
Thu, 16 Dec 2021 06:18:57 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Thu, 16 Dec 2021 06:18:57 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-e6decb3f-9be4-4dc6-a217-be8c7587bbd1-003
RX-e3f8deb6-7cdb-4c9f-a64e-093f21b90213-003
sync.targeting.unrulymedia.com/csync/ Frame FE58
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fmediamath%2F%5BMM_UUID%5D&siteId=1082369
  • https://usermatch.targeting.unrulymedia.com/usermatch/mediamath/8b9961ba-da51-4200-bbc2-6ac8666197be
  • https://sync.1rx.io/usersync/mediamathtest/8b9961ba-da51-4200-bbc2-6ac8666197be
  • https://sync.1rx.io/usersync/mediamathtest/8b9961ba-da51-4200-bbc2-6ac8666197be?zcc=1&dspret=0&cb=1639635537339
  • https://sync.targeting.unrulymedia.com/csync/RX-e3f8deb6-7cdb-4c9f-a64e-093f21b90213-003
43 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-e3f8deb6-7cdb-4c9f-a64e-093f21b90213-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-3779cd90e9cd332f619f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://video.unrulymedia.com/

Response headers

server
Tengine
date
Thu, 16 Dec 2021 06:18:57 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Thu, 16 Dec 2021 06:18:57 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-e3f8deb6-7cdb-4c9f-a64e-093f21b90213-003
RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
sync.targeting.unrulymedia.com/csync/ Frame A850
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/1cMuUcwh?redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fadobe%2F%24%7BTM_USER_ID%7D%3F&siteId=1082369
  • https://sync-tm.everesttech.net/ct/upi/pid/1cMuUcwh?redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fadobe%2F%24%7BTM_USER_ID%7D%3F&siteId=1082369&_test=YbraUQAMUrEKcABR
  • https://usermatch.targeting.unrulymedia.com/usermatch/adobe/YbraUQAMUrEKcABR?&siteId=1082369&_test=YbraUQAMUrEKcABR
  • https://sync.1rx.io/usersync/adobe/YbraUQAMUrEKcABR?&siteId=1082369&_test=YbraUQAMUrEKcABR
  • https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
43 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-3779cd90e9cd332f619f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://video.unrulymedia.com/

Response headers

server
Tengine
date
Thu, 16 Dec 2021 06:18:57 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Thu, 16 Dec 2021 06:18:57 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
RX-e6decb3f-9be4-4dc6-a217-be8c7587bbd1-003
sync.targeting.unrulymedia.com/csync/ Frame C8F0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=unruly&ttd_tpi=1&siteId=1082369
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=unruly&ttd_tpi=1&siteId=1082369
  • https://usermatch.targeting.unrulymedia.com/usermatch/tradedesk/d65b1dce-9306-45da-b9ff-f23cc479c3b4
  • https://sync.1rx.io/usersync/tradedesk/d65b1dce-9306-45da-b9ff-f23cc479c3b4
  • https://sync.1rx.io/usersync/tradedesk/d65b1dce-9306-45da-b9ff-f23cc479c3b4?zcc=1&dspret=0&cb=1639635537332
  • https://sync.targeting.unrulymedia.com/csync/RX-e6decb3f-9be4-4dc6-a217-be8c7587bbd1-003
43 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-e6decb3f-9be4-4dc6-a217-be8c7587bbd1-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-3779cd90e9cd332f619f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://video.unrulymedia.com/

Response headers

server
Tengine
date
Thu, 16 Dec 2021 06:18:57 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Thu, 16 Dec 2021 06:18:57 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-e6decb3f-9be4-4dc6-a217-be8c7587bbd1-003
usync.html
eus.rubiconproject.com/ Frame 365E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=unruly&endpoint=us-east&siteId=1082369
  • https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east&siteId=1082369
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east&siteId=1082369
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-3779cd90e9cd332f619f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://video.unrulymedia.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 Dec 2021 06:18:57 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east&siteId=1082369
Date
Thu, 16 Dec 2021 06:18:57 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
sync.targeting.unrulymedia.com/csync/ Frame 0101
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=41&siteId=1082369
  • https://usermatch.targeting.unrulymedia.com/usermatch/stackadapt/xTK2X_59TvxKS8CzJN1xSVnujtY
  • https://sync.1rx.io/usersync/stackadapt/xTK2X_59TvxKS8CzJN1xSVnujtY
  • https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
43 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-3779cd90e9cd332f619f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://video.unrulymedia.com/

Response headers

server
Tengine
date
Thu, 16 Dec 2021 06:18:57 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Thu, 16 Dec 2021 06:18:57 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
sync.targeting.unrulymedia.com/csync/ Frame A78B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/unruly/?siteId=1082369
  • https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-tY264xxE2oVqFarj0xRRnuD_GjRY.DNvq9Be~A
  • https://sync.1rx.io/usersync/verizon/y-tY264xxE2oVqFarj0xRRnuD_GjRY.DNvq9Be~A
  • https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
43 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-3779cd90e9cd332f619f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://video.unrulymedia.com/

Response headers

server
Tengine
date
Thu, 16 Dec 2021 06:18:57 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Thu, 16 Dec 2021 06:18:57 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
sync.targeting.unrulymedia.com/csync/ Frame AA1D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560138&ev=1&daaqp=1&rurl=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fpulsepoint%2F%25%25VGUID%25%25&siteId=1082369
  • https://usermatch.targeting.unrulymedia.com/usermatch/pulsepoint/gAFJY1UggA8m
  • https://sync.1rx.io/usersync/pulse/gAFJY1UggA8m
  • https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
43 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-3779cd90e9cd332f619f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://video.unrulymedia.com/

Response headers

server
Tengine
date
Thu, 16 Dec 2021 06:18:57 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server
Tengine
date
Thu, 16 Dec 2021 06:18:57 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
usermatch
ssum-sec.casalemedia.com/ Frame DECC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=182257&cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&siteId=1082369
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=1082369&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=1082369&C=1
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-3779cd90e9cd332f619f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6f0e5a069925e096855eb8a7c4b83cc4012e7d288dd6e20fd0a5485c7af3a596

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://video.unrulymedia.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|45|241|39|190|40|195|41
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1744
Expires
Thu, 16 Dec 2021 06:18:57 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 16 Dec 2021 06:18:57 GMT
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
343
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=1082369&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Thu, 16 Dec 2021 06:18:57 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 16 Dec 2021 06:18:57 GMT
Connection
keep-alive
unr
match.prod.bidr.io/cookie-sync/ Frame BC96
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/unr?siteId=1082369
  • https://match.prod.bidr.io/cookie-sync/unr?siteId=1082369&_bee_ppp=1
20 B
596 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/unr?siteId=1082369&_bee_ppp=1
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-3779cd90e9cd332f619f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.214.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-214-209.compute-1.amazonaws.com
Software
nginx /
Resource Hash
64efdf33ff487ad815c53fe5f819454efd9364a0382e5f410972cfaa918fb66a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://video.unrulymedia.com/

Response headers

content-type
text/plain
Date
Thu, 16 Dec 2021 06:18:57 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
20
Connection
keep-alive

Redirect headers

Date
Thu, 16 Dec 2021 06:18:57 GMT
location
https://match.prod.bidr.io/cookie-sync/unr?siteId=1082369&_bee_ppp=1
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
efqg1Cuq94Ri-KaDef_v1H6op4di_frULfpdK22I
sync.1rx.io/usersync/quantcast/ Frame F784
Redirect Chain
  • https://cms.quantserve.com/pixel/p-QcHdy7VcGLKJK.gif?idmatch=0&siteId=1082369
  • https://sync.1rx.io/usersync/quantcast/efqg1Cuq94Ri-KaDef_v1H6op4di_frULfpdK22I?gdpr=1
0
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/quantcast/efqg1Cuq94Ri-KaDef_v1H6op4di_frULfpdK22I?gdpr=1
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/iframes/third-party-iframes.html?clientver=v1.0.1737-0-gf2d7995&siteId=1082369
Protocol
H2
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://video.unrulymedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:57 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
expires
0

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://sync.1rx.io/usersync/quantcast/efqg1Cuq94Ri-KaDef_v1H6op4di_frULfpdK22I?gdpr=1
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
sync.targeting.unrulymedia.com/csync/ Frame F784
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=unruly_dbm&google_cm&google_sc&siteId=1082369
  • https://cm.g.doubleclick.net/pixel?google_nid=unruly_dbm&google_cm=&google_sc=&siteId=1082369&google_tc=
  • https://usermatch.targeting.unrulymedia.com/usermatch/google/CAESEDhnP550wtFM3-zODQst68g?siteId=1082369&google_cver=1
  • https://sync.1rx.io/usersync/google/CAESEDhnP550wtFM3-zODQst68g?siteId=1082369&google_cver=1
  • https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
Requested by
Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/iframes/third-party-iframes.html?clientver=v1.0.1737-0-gf2d7995&siteId=1082369
Protocol
H2
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://video.unrulymedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:57 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
pragma
no-cache
date
Thu, 16 Dec 2021 06:18:57 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
v1
prg8.smartadserver.com/prebid/ 		171 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: ads.gridtechno.com
URL: https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:56 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
3%3b3%3b106
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://nationalgeographic.grid.id
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg8.smartadserver.com/prebid/ 		15 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: ads.gridtechno.com
URL: https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
3ce625bed4d56cf75bbc930385e6333bcc8e0fd1b485c542829d17ba1bcac368

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:56 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
3%3b15%3b84
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://nationalgeographic.grid.id
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg8.smartadserver.com/prebid/ 		15 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: ads.gridtechno.com
URL: https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
dab57ba48843c1a5838c4f37ffb1efc196fbaf63ee4ffe70bc97e052d36cf690

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:56 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
3%3b5%3b124
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://nationalgeographic.grid.id
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg8.smartadserver.com/prebid/ 		171 B
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: ads.gridtechno.com
URL: https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:57 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
3%3b20%3b108
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://nationalgeographic.grid.id
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg8.smartadserver.com/prebid/ 		171 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: ads.gridtechno.com
URL: https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:57 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
3%3b7%3b145
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://nationalgeographic.grid.id
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
280686
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/280686?src_sys=prebid
Requested by
Host: ads.gridtechno.com
URL: https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Thu, 16 Dec 2021 06:18:57 GMT
X-SpotX-Timing-Transform
0.000332
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.001962
X-spotx-Exception-0-RESULT
failure
X-SpotX-Timing-Page-Require
0.000342
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.019939
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.008872
X-fe
035
Last-Modified
Thu, 16 Dec 2021 06:18:57 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005614
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://nationalgeographic.grid.id
X-SpotX-Timing-Page-Misc
0.002774
X-SpotX-Timing-Page-Exception
0.000021
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000018
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.005614
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
282227
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/282227?src_sys=prebid
Requested by
Host: ads.gridtechno.com
URL: https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Thu, 16 Dec 2021 06:18:57 GMT
X-SpotX-Timing-Transform
0.000333
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.000933
X-spotx-Exception-0-RESULT
failure
X-SpotX-Timing-Page-Require
0.000354
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.010727
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003685
X-fe
015
Last-Modified
Thu, 16 Dec 2021 06:18:57 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003068
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://nationalgeographic.grid.id
X-SpotX-Timing-Page-Misc
0.002318
X-SpotX-Timing-Page-Exception
0.000019
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.003068
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
301966
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/301966?src_sys=prebid
Requested by
Host: ads.gridtechno.com
URL: https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Thu, 16 Dec 2021 06:18:57 GMT
X-SpotX-Timing-Transform
0.000327
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.000991
X-spotx-Exception-0-RESULT
failure
X-SpotX-Timing-Page-Require
0.000317
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie
0.000005
X-SpotX-Timing-Page
0.009984
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003759
X-fe
060
Last-Modified
Thu, 16 Dec 2021 06:18:57 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.002978
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://nationalgeographic.grid.id
X-SpotX-Timing-Page-Misc
0.001572
X-SpotX-Timing-Page-Exception
0.000019
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000016
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.002978
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
301967
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/301967?src_sys=prebid
Requested by
Host: ads.gridtechno.com
URL: https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Thu, 16 Dec 2021 06:18:57 GMT
X-SpotX-Timing-Transform
0.000357
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.000852
X-spotx-Exception-0-RESULT
failure
X-SpotX-Timing-Page-Require
0.000284
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.009366
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003547
X-fe
029
Last-Modified
Thu, 16 Dec 2021 06:18:57 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.002789
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://nationalgeographic.grid.id
X-SpotX-Timing-Page-Misc
0.001505
X-SpotX-Timing-Page-Exception
0.000019
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.002789
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
282137
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/282137?src_sys=prebid
Requested by
Host: ads.gridtechno.com
URL: https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Thu, 16 Dec 2021 06:18:57 GMT
X-SpotX-Timing-Transform
0.000277
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.000814
X-spotx-Exception-0-RESULT
failure
X-SpotX-Timing-Page-Require
0.000351
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie
0.000001
X-SpotX-Timing-Page
0.008200
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.002975
X-fe
132
Last-Modified
Thu, 16 Dec 2021 06:18:57 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.002369
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://nationalgeographic.grid.id
X-SpotX-Timing-Page-Misc
0.001385
X-SpotX-Timing-Page-Exception
0.000017
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.002369
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
arj
kompascybermedia-d.openx.net/w/1.0/ 		73 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kompascybermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fnationalgeographic.grid.id%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6ff70464-e44a-41e1-9f50-ef2945d12157%2C2758c20a-cd75-4b33-a169-43de08e4c3c6%2Ccffb18df-856e-40ac-b91c-ca591bfce9bf%2C49295077-ab3d-4a80-bb30-9237116b0f87%2C8171c74f-5a7b-4b7f-87cf-d3bba98876fb%2Cc53c99da-8f7e-4ae9-a0e8-a514e4535ee4%2Cfafede35-82bf-40e7-974c-5e1a6b8310de%2C17a817d9-7f95-4b24-ab34-94aa198fb3f2%2C35f1542e-b98c-481d-9edc-5683b38a9c56%2Cf2183068-3cd4-4d0e-bf2a-74255495b697&nocache=1639635537644&aus=970x90%2C970x250%7C300x600%7C300x250%7C468x60%2C1100x50%7C300x250%2C300x100%7C300x250%7C728x90%2C468x60%7C100x550%2C120x600%2C100x650%7C100x550%2C120x600%2C100x650%7C160x600%2C120x600&divids=div-gpt-ad-head-banner%2Cdiv-gpt-ad-giant%2Cdiv-gpt-ad-MR3%2Cdiv-gpt-ad-bottom-frame%2Cdiv-Inside-MediumRectangle%2Cdiv-gpt-ad-below-comment%2Cdiv-gpt-ad-below-photo%2Cdiv-gpt-ad-skin-left%2Cdiv-gpt-ad-skin-right%2Cdiv-gpt-ad-skyscrapper&aucs=%252F31800665%252FNATIONALGEOGRAPHIC%2C%252F31800665%252FNATIONALGEOGRAPHIC%2C%252F31800665%252FNATIONALGEOGRAPHIC%2C%252F31800665%252FNATIONALGEOGRAPHIC%2Cdiv-Inside-MediumRectangle%2Cdiv-gpt-ad-below-comment%2Cdiv-gpt-ad-below-photo%2C%252F31800665%252FNATIONALGEOGRAPHIC%2C%252F31800665%252FNATIONALGEOGRAPHIC%2Cdiv-gpt-ad-skyscrapper&auid=540800968%2C540800968%2C540800968%2C540800968%2C540800968%2C540800968%2C540800968%2C540800968%2C540800968%2C540800968
Requested by
Host: ads.gridtechno.com
URL: https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
13393fd832ccc3b68167e58032449109093edeba039430612cc39b81939e97a5

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:57 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://nationalgeographic.grid.id
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
hbpost
hb.jixie.io/v2/ 		62 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.jixie.io/v2/hbpost
Requested by
Host: ads.gridtechno.com
URL: https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.44.221.77 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
26dae759d01ee4a099c841c13f956f17ef47101ae1b0f4646544ae1750ec7ac4

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:18:57 GMT
Content-Encoding
gzip
ETag
0cfab820-5e38-11ec-a1dd-79ae7a451fe8
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://nationalgeographic.grid.id
Cache-Control
private, no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Expires
-1
cdb
bidder.criteo.com/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.13.0&cb=82066196910
Requested by
Host: ads.gridtechno.com
URL: https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nationalgeographic.grid.id
date
Thu, 16 Dec 2021 06:18:56 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cygnus
htlb.casalemedia.com/ 		37 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=450353&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%224744e28c4eb8f4d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnationalgeographic.grid.id%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fnationalgeographic.grid.id%2F%22%2C%22domain%22%3A%22nationalgeographic.grid.id%22%2C%22publisher%22%3A%7B%22domain%22%3A%22grid.id%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A10%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A11%2C%22ren%22%3Afalse%2C%22version%22%3A%225.13.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22489339136fc9526%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22450353%22%2C%22dfp_ad_unit_code%22%3A%22%2F31800665%2FNATIONALGEOGRAPHIC%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22450353%22%2C%22dfp_ad_unit_code%22%3A%22%2F31800665%2FNATIONALGEOGRAPHIC%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2250853390485dd8d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22450353%22%2C%22dfp_ad_unit_code%22%3A%22%2F31800665%2FNATIONALGEOGRAPHIC%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%225278f05dbd7e6be%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22450353%22%2C%22dfp_ad_unit_code%22%3A%22%2F31800665%2FNATIONALGEOGRAPHIC%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2253e025297753e47%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22450353%22%2C%22dfp_ad_unit_code%22%3A%22%2F31800665%2FNATIONALGEOGRAPHIC%22%2C%22sid%22%3A%22468x60%22%7D%7D%2C%7B%22w%22%3A1100%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22450353%22%2C%22dfp_ad_unit_code%22%3A%22%2F31800665%2FNATIONALGEOGRAPHIC%22%2C%22sid%22%3A%221100x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22551b7574974e93e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22450353%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22450353%22%2C%22sid%22%3A%22300x100%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%225798d96cc9bb31f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22450353%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22589767d3d19efce%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22450353%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22450353%22%2C%22sid%22%3A%22468x60%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22600a51299a870ad%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A100%2C%22h%22%3A550%2C%22ext%22%3A%7B%22siteID%22%3A%22450353%22%2C%22dfp_ad_unit_code%22%3A%22%2F31800665%2FNATIONALGEOGRAPHIC%22%2C%22sid%22%3A%22100x550%22%7D%7D%2C%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22450353%22%2C%22dfp_ad_unit_code%22%3A%22%2F31800665%2FNATIONALGEOGRAPHIC%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A100%2C%22h%22%3A650%2C%22ext%22%3A%7B%22siteID%22%3A%22450353%22%2C%22dfp_ad_unit_code%22%3A%22%2F31800665%2FNATIONALGEOGRAPHIC%22%2C%22sid%22%3A%22100x650%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2263b27442522967%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A100%2C%22h%22%3A550%2C%22ext%22%3A%7B%22siteID%22%3A%22450353%22%2C%22dfp_ad_unit_code%22%3A%22%2F31800665%2FNATIONALGEOGRAPHIC%22%2C%22sid%22%3A%22100x550%22%7D%7D%2C%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22450353%22%2C%22dfp_ad_unit_code%22%3A%22%2F31800665%2FNATIONALGEOGRAPHIC%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A100%2C%22h%22%3A650%2C%22ext%22%3A%7B%22siteID%22%3A%22450353%22%2C%22dfp_ad_unit_code%22%3A%22%2F31800665%2FNATIONALGEOGRAPHIC%22%2C%22sid%22%3A%22100x650%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%226608f534c158dd7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22450353%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22450353%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22450353%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%7D%7D%5D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: ads.gridtechno.com
URL: https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d1bd379d2bd3ef28cb6ec7af831573d68d678b81474c632df7b5646f4f1b6247

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:57 GMT
x-ak-initial-geo
CC:[GB], RC:[EN], CN:[EU], CIP:[89.238.142.214], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://nationalgeographic.grid.id
x-cs-client-geo
27
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
27
expires
Thu, 16 Dec 2021 06:18:57 GMT
cygnus
htlb.casalemedia.com/ 		37 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=450353&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%224744e28c4eb8f4d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnationalgeographic.grid.id%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fnationalgeographic.grid.id%2F%22%2C%22domain%22%3A%22nationalgeographic.grid.id%22%2C%22publisher%22%3A%7B%22domain%22%3A%22grid.id%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A10%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A11%2C%22ren%22%3Afalse%2C%22version%22%3A%225.13.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2251237cab28d6be%22%2C%22ext%22%3A%7B%22siteID%22%3A729196%2C%22sid%22%3A%22300x250%22%7D%2C%22video%22%3A%7B%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22minduration%22%3A5%2C%22maxduration%22%3A30%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22placement%22%3A3%2C%22playerSize%22%3A%5B%5B300%2C250%5D%5D%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%5D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: ads.gridtechno.com
URL: https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d1bd379d2bd3ef28cb6ec7af831573d68d678b81474c632df7b5646f4f1b6247

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:57 GMT
x-ak-initial-geo
CC:[GB], RC:[EN], CN:[EU], CIP:[89.238.142.214], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://nationalgeographic.grid.id
x-cs-client-geo
27
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
27
expires
Thu, 16 Dec 2021 06:18:57 GMT
cdb
bidder.criteo.com/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.13.0&cb=41973052235
Requested by
Host: ads.gridtechno.com
URL: https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nationalgeographic.grid.id
date
Thu, 16 Dec 2021 06:18:57 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
bid-request
a.teads.tv/hb/ 		16 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.gridtechno.com
URL: https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.142.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-98.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:57 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nationalgeographic.grid.id
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 16 Dec 2021 06:18:57 GMT
/
as.innity.com/synd/ 		867 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1639635537657&ver=2&hb=1&output=js&pub=394&zone=69191&url=https%253A%252F%252Fnationalgeographic.grid.id%252F&width=300&height=250&vpw=1600&vph=1200&callback=json&callback_uid=901350f23b5ca9f&auction=66548ca5-9880-47fb-a03b-10e3d6b03c31
Requested by
Host: ads.gridtechno.com
URL: https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.141 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
8d.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
c216a86578660a8f11fb6316ff4aecb0cdc0411f8384ae102963e4c5bde83116

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:18:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 06:18:58 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin
https://nationalgeographic.grid.id
Access-Control-Max-Age
86400
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Content-Type
application/json; charset=utf-8
Content-Length
467
Expires
Sat, 03 Sep 1983 02:00:00 GMT
/
as.innity.com/synd/ 		858 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1639635537657&ver=2&hb=1&output=js&pub=394&zone=93830&url=https%253A%252F%252Fnationalgeographic.grid.id%252F&width=728&height=90&vpw=1600&vph=1200&callback=json&callback_uid=9121ee48b2407ba&auction=66548ca5-9880-47fb-a03b-10e3d6b03c31
Requested by
Host: ads.gridtechno.com
URL: https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.141 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
8d.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
bb246f88c8d0ba427dc63f930d976da1c96ae096a34985327d8a3f79e4f18373

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:18:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 06:18:58 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin
https://nationalgeographic.grid.id
Access-Control-Max-Age
86400
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Content-Type
application/json; charset=utf-8
Content-Length
459
Expires
Sat, 03 Sep 1983 02:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.13.0&referrer=https%3A%2F%2Fnationalgeographic.grid.id%2F&tmax=2000
Requested by
Host: ads.gridtechno.com
URL: https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.229.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-229-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:57 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nationalgeographic.grid.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid
ad2.apx.appier.net/v1/prebid/
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=QOtVAaePDl2K6bXhUtq6YQ
2 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=QOtVAaePDl2K6bXhUtq6YQ
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:58 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
clear
content-length
2

Redirect headers

date
Thu, 16 Dec 2021 06:18:58 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=QOtVAaePDl2K6bXhUtq6YQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
translator
hbopenbid.pubmatic.com/ 		0
123 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.gridtechno.com
URL: https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nationalgeographic.grid.id
date
Thu, 16 Dec 2021 06:18:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prod
traid.jixie.io/sync/ 		165 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/sync/prod
Requested by
Host: scripts.jixie.io
URL: https://scripts.jixie.io/jixietracker.min.js?accountid=fa9afd31c9c8769a7ae23ef3661ac43f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.43.132.130 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
a9e9cd8e6d5169db17a42c768e4d9abab3a5bfaaa98fd09ea4ea26d97246bf5d

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Thu, 16 Dec 2021 06:18:57 GMT
Content-Encoding
gzip
X-Powered-By
Express
ETag
0cfab820-5e38-11ec-a1dd-79ae7a451fe8
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://nationalgeographic.grid.id
Cache-Control
private
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
prod
traid.jixie.io/sync/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/sync/prod
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.43.132.130 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://nationalgeographic.grid.id
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Vary
Origin, Access-Control-Request-Headers
X-Powered-By
Express
Access-Control-Allow-Origin
https://nationalgeographic.grid.id
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Headers
content-type
Date
Thu, 16 Dec 2021 06:18:57 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame DECC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YbraUc4Zw_BxkkkwsWXfVgAAAVQAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBPxxLFGj_256tliSelQ1Vw&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBPxxLFGj_256tliSelQ1Vw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=1082369&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:18:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 16 Dec 2021 06:18:57 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBPxxLFGj_256tliSelQ1Vw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame DECC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YbraUc4Zw-BxkkkwsWXfVgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1&gdpr=1
43 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=1082369&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:18:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 16 Dec 2021 06:18:57 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame DECC
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbraUc4Zw_BxkkkwsWXfVgAAAVQAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbraUc4Zw_BxkkkwsWXfVgAAAVQAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbraUc4Zw_BxkkkwsWXfVgAAAVQAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=1082369&C=1
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:18:59 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
HQWYFRKH7HY05SNSX36B
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:18:58 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GWTD7J6ZJAX6DYVW6HNE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YbraUc4Zw_BxkkkwsWXfVgAAAVQAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame DECC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=1082369&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
getuid
ib.adnxs.com/ Frame DECC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=1082369&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame DECC
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-249f7be6-a92d-40db-bf34-11f5d5722f5c
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-249f7be6-a92d-40db-bf34-11f5d5722f5c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=1082369&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:18:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 16 Dec 2021 06:18:57 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-249f7be6-a92d-40db-bf34-11f5d5722f5c
date
Thu, 16 Dec 2021 06:18:57 GMT
server
Apache-Coyote/1.1
content-length
0
bridge
cm.adgrx.com/ Frame DECC 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=1082369&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:18:57 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-9
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
sync.targeting.unrulymedia.com/csync/ Frame DECC
Redirect Chain
  • https://usermatch.targeting.unrulymedia.com/usermatch/casale/YbraUc4Zw-BxkkkwsWXfVgAA%26340
  • https://sync.1rx.io/usersync/index/YbraUc4Zw-BxkkkwsWXfVgAA&340
  • https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=1082369&C=1
Protocol
H2
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:57 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-b52184a2-8795-4d92-b7af-215ac4eba96d-003
pragma
no-cache
date
Thu, 16 Dec 2021 06:18:57 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
cs&eq_cc=1
um2.eqads.com/um/ Frame 3964
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F&s=182257&siteId=1082369&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.249.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-249-39.compute-1.amazonaws.com
Software
/
Resource Hash
2583f80f1d965149efce886cbfaaa2711be88fd18d58e28426df92f2c563d300

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Thu, 16 Dec 2021 06:18:58 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Thu, 16 Dec 2021 06:18:58 GMT
pragma
no-cache

Redirect headers

date
Thu, 16 Dec 2021 06:18:58 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
usync.js
eus.rubiconproject.com/ Frame 365E 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east&siteId=1082369
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
daa2e640368b2d588d5401a524142e62fceef1a3fa74000c6a80c0b2581cc9c2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east&siteId=1082369
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 16 Dec 2021 06:18:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60405
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9699
Expires
Thu, 16 Dec 2021 23:05:42 GMT
khaos.jpg
token.rubiconproject.com/ Frame 365E 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east&siteId=1082369
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/jpg
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 365E 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=unruly&siteId=1082369
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east&siteId=1082369
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
Content-Type
image/gif
events.php
log.r2b2.io/ 		10 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.r2b2.io/events.php?u=https%3A%2F%2Fnationalgeographic.grid.id%2F&hbDomain=grid.id
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
185.59.208.177 , Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
webgarden-track-lb-ha.vshosting.cz
Software
nginx /
Resource Hash
e32802ad7ce328a84bdfcbe00ac13e073169a0703896ed8a82ac8b54ae13aa0e

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:52 GMT
content-encoding
gzip
last-modified
Thu, 16 Dec 2021 06:18:58 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin
https://nationalgeographic.grid.id
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate, private
access-control-allow-credentials
true
content-type
text/javascript; charset=utf-8
access-control-allow-headers
Content-Type
expires
Tue, 01 Jan 2000 00:00:00 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=nationalgeographic.grid.id
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Dec 2021 06:18:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nationalgeographic.grid.id
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Dec 2021 06:18:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		313 KB
72 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1978616448361754&correlator=2090885348511251&output=ldjh&impl=fifs&eid=31063378%2C31063706&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211216&iu_parts=31800665%2CNATIONALGEOGRAPHIC%2Cvignette&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2F2%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C970x420%2C300x600%2C300x250%7C300x600%2C300x250%2C100x550%7C120x600%7C100x650%2C100x550%7C120x600%7C100x650%2C468x60%7C1100x50%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ists=255&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C8%2C0%2C0%2C0%2C0%2C0%2C0&prev_scp=pos%3DTop_1%7CPos%3DGiant%26hb_format_smartadser%3Dbanner%26hb_size_smartadserve%3D300x600%26hb_pb_smartadserver%3D2.91%26hb_adid_smartadserve%3D122f1372110feba8%26hb_bidder_smartadser%3Dsmartadserver%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D2.91%26hb_adid%3D122f1372110feba8%26hb_bidder%3Dsmartadserver%7CPos%3DGiant2%7CPos%3DMR3%26hb_format_smartadser%3Dbanner%26hb_size_smartadserve%3D300x250%26hb_pb_smartadserver%3D2.91%26hb_adid_smartadserve%3D121123b3556bdf68%26hb_bidder_smartadser%3Dsmartadserver%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D2.91%26hb_adid%3D121123b3556bdf68%26hb_bidder%3Dsmartadserver%7Cpos%3DSkin_Left%7Cpos%3DSkin_Right%7Cpos%3DHorizontal_Ad%7Cpos%3DPopup%7Cpos%3Dvignette%7Cpos%3DBalloonAds%7Cpos%3DPopular_1%7Cpos%3DPopular_2%7Cpos%3DLatest_Stories_1%7Cpos%3DLatest_Stories_2%7Cpos%3DArticle_Highlight&eri=1&cust_params=safe_branding%3Dyes%26keyword_targetting1%3Dno%26keyword_targetting2%3Dno%26keyword_targetting3%3Dno&cookie_enabled=1&bc=31&abxe=1&lmt=1639635539&dt=1639635539301&dlt=1639635536021&idt=703&frm=20&biw=1600&bih=1200&oid=2&adxs=315%2C1035%2C1035%2C1035%2C130%2C1370%2C250%2C-12245933%2C-9%2C0%2C1035%2C1035%2C265%2C265%2C265&adys=266%2C301%2C3007%2C2487%2C65%2C65%2C1150%2C-12245933%2C-9%2C6238%2C953%2C953%2C1328%2C1328%2C953&adks=3567496413%2C737230165%2C2621718177%2C2918314880%2C1032357103%2C4242047388%2C3327855457%2C3637417933%2C2301437635%2C355200692%2C3376524214%2C3376524215%2C2637643496%2C2637643497%2C3149898339&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnationalgeographic.grid.id%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C300x0%7C300x0%7C300x0%7C100x-1%7C100x-1%7C0x-1%7C0x0%7C0x-1%7C1600x6569%7C300x1504%7C300x1504%7C750x2%7C750x2%7C750x407&msz=1600x0%7C300x0%7C300x0%7C300x0%7C100x-1%7C100x-1%7C1100x-1%7C0x0%7C0x-1%7C0x-1%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&ga_vid=1543323936.1639635537&ga_sid=1639635539&ga_hid=59601235&ga_fc=true&fws=4%2C4%2C4%2C4%2C516%2C516%2C516%2C132%2C2%2C4%2C132%2C132%2C132%2C132%2C132&ohw=1600%2C300%2C300%2C300%2C1600%2C1600%2C1600%2C1600%2C0%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&btvi=0%7C0%7C1%7C2%7C0%7C0%7C0%7C-1%7C-1%7C3%7C0%7C0%7C4%7C5%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
3b1b5beed21ada474a95684d98321977e91bc800065743d586d71b83595ec21c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,149843,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73714
x-xss-protection
0
google-lineitem-id
-1,5542283177,-1,5542283177,-1,-1,-1,-2,-1,-2,-2,-2,-2,-2,5857834761
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138331239296,-1,138331272231,-1,-1,-1,-2,-1,-2,-2,-2,-2,-2,138375215781
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nationalgeographic.grid.id
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 69ED 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 16 Dec 2021 06:18:59 GMT
expires
Fri, 16 Dec 2022 06:18:59 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_page_level_ads_2021120601.js
securepubads.g.doubleclick.net/gpt/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021120601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12940
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Dec 2021 06:18:58 GMT
crum
dsum-sec.casalemedia.com/ Frame 3964 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=bf3b91d9-8772-4131-a0f6-48afdc2db9a5&expiration=1647411538
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:18:59 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 16 Dec 2021 06:18:59 GMT
publishertag.prebid.105.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.105.js
Requested by
Host: ads.gridtechno.com
URL: https://ads.gridtechno.com/PREBIDJS.JS/2021/OKT/grid-prebid5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 11:00:30 GMT
server
nginx
etag
W/"6034e04e-14008"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 17 Dec 2021 06:18:59 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:11 GMT
server
nginx
etag
W/"618cb99f-14b33"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 17 Dec 2021 06:18:59 GMT
syncframe
gum.criteo.com/ Frame 004B 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nationalgeographic.grid.id
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1833
date
Thu, 16 Dec 2021 06:18:59 GMT
content-length
4685
strict-transport-security
max-age=86400; preload;
status
accounts.google.com/gsi/ 		40 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=797642735005-m8qn5v8llc1l66m3c4q5b188f8hnrcfi.apps.googleusercontent.com&as=cu58VMTHWnRsiJuaSn%2B7Xw
Requested by
Host:
URL: /_/gsi/_/js/k=gsi.gsi.en_GB.OaXKJqQLkXE.O/am=4iI/d=1/rs=AF0KOtXYIo_RGpJaUh3Rfuzj3Nk96eFFbw/m=gis_client_library
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dd416190714defa54fb350c278815c604e4fb1b05acbed5b67f35d8860abd415
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pwr4RRu1CHphcfrT8MFoIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/cspreport
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nationalgeographic.grid.id
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-pwr4RRu1CHphcfrT8MFoIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
348fb34ed4d889e97ca937d27ec5220a0555dba7a6a1491672f132f69e1f6f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8581
x-xss-protection
0
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/8077308/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
351 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-87.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:13:30 GMT
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
330
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
9PSbYFtiRk8EM_drvY88pX_tZ1zBNdjRD5zGB-CswB5CwzNFJqkDcw==

Redirect headers

date
Thu, 16 Dec 2021 06:18:59 GMT
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
Ea6QwyGrRvPTmFHZRJIY8cYfT2tkfqckQ_ahcNmzZSk4Wv_W5Sf4AA==
container.html
ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D94D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 16 Dec 2021 06:18:59 GMT
expires
Fri, 16 Dec 2022 06:18:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 7A84 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWdG5ExILym-G2BLegQUG-ZBTQauw8eaW6Is-gudA73yG4_o-DLV_pzgadxwmGMi5Ct-nvrgvrpTUmNC_2NMsFDAJYklQQNXQQl7i7wYYcxHJNBcemZoMpHnsWiL607RI8e4n1IimRpXneAXq4Uv-2jhXPUaHI-EriGElmhXnfJp3o55HruIT7USSP_fLEzpKox4SDe4x2ntY5VIooVxGWPGpo5yZQjMWHMZvaNvqqS-YKytJ73X9azMDaX3os0H65AdLfcRNzWtHQeTrNtPd71EwkmzHXQsF0C2E-ENDdMk4A-O95xMFcDbltXtIguqeQ2kPcqV8QmwCcpnAVMw&sig=Cg0ArKJSzBrHVmjW0OA7EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Dec 2021 06:18:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 7A84 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
15128
x-jsd-version
1.13.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19123-FRA, cache-mxp6940-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6be5cc2b693283a8-MXP
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7A84 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Dec 2021 06:18:59 GMT
container.html
ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 33CA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 16 Dec 2021 06:18:59 GMT
expires
Fri, 16 Dec 2022 06:18:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 6EEB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdaXrHvNBCzjzGYIUQfoDE3_RGkpH-ZKSd588mhx8MeL8o8kdXqQPw-S14cOQSBwuri1ylEbgMKT4vxDsJZj6OXFVe8YO11Bkg2d_NvEDOFZDEjXTQ9W06KIJXc0HHMdiXkbRs-PP_g9nwtvmTch-fDLmc8_i8Ork2H_nXj5tVJWlMaogmf_zBYzROFwz_AYJFPFggobwv0GyOhvkyWxpnfCXGYVO9oO4jKD_kUVgUgAU7mnSjZpLI6LeLlIS5_zYdJyY8LewO-a0hZ69TjgmKRO8J4bRHYLE6v-boYa2KKMDYf2PNRPaz2zbf4C2pG80wBvcOvxnKHvXPgxz8hg&sig=Cg0ArKJSzIGUZUtdLyjVEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Dec 2021 06:18:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 6EEB 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
15128
x-jsd-version
1.13.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19123-FRA, cache-mxp6940-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6be5cc2b693583a8-MXP
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6EEB 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Dec 2021 06:18:59 GMT
container.html
ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A363 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 16 Dec 2021 06:18:59 GMT
expires
Fri, 16 Dec 2022 06:18:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1878 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 16 Dec 2021 06:18:59 GMT
expires
Fri, 16 Dec 2022 06:18:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F2A5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 16 Dec 2021 06:18:59 GMT
expires
Fri, 16 Dec 2022 06:18:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7CA1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 16 Dec 2021 06:18:59 GMT
expires
Fri, 16 Dec 2022 06:18:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 6A55 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d81f57e31f9f20545d1708f10b05a4f975b4a7a8bbbf4425d8215ebc22dae18

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
5304168508644290101
tpc.googlesyndication.com/simgad/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5304168508644290101?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6afef23af834e5f335bf5b8d5d52549c1de6b290997b7254b3398ce275fb723
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:59 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22738
x-xss-protection
0
last-modified
Wed, 15 Dec 2021 13:34:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 16 Dec 2022 06:18:59 GMT
pixel.png
asset-a.grid.id/ads/
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkfk1FFiS5h4Q5nNHTQBcwKc4NLKSXwMqtrWDySCUNtnnMh7dZcy3ApLx9snZb8NJTFtdyHQ6RlRUPqAUtzX8GOEb3x2rdekb9b3T7wBVcUC-QB-0E-VPbp3gcQLoNMbqYSBjWuA7Dv...
  • https://asset-a.grid.id/ads/pixel.png
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset-a.grid.id/ads/pixel.png
Protocol
H2
Server
13.225.87.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
a3577f0bb5e20b6876e66bbec857b0a764bcf380102028cacf3e1d84ade2ca0d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 17:26:18 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2019 04:29:08 GMT
server
nginx
age
1515161
etag
"2278ff08c014aeb0587a59542c9568f6"
x-cache
Hit from cloudfront
x-amz-version-id
null
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
2798
x-amz-cf-id
dlYSYOEWMokvcLDczjgNtAoxaqdIJxWegvzYAlrhKQwKcukZePkVag==
expires
Mon, 28 Nov 2022 17:26:18 GMT

Redirect headers

timing-allow-origin
*
date
Thu, 16 Dec 2021 06:18:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://asset-a.grid.id/ads/pixel.png
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Thu, 16 Dec 2021 06:19:01 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 60A3 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ1JWwgwIYt5XwvAEwAQ&v=APEucNWiwde4AeLySuUbIyR8cJ2qwVofZHICfyU9KxBa12VW1Thp290dhz-JWdOM427CzrgIqizMxCUvYGf8Hsq5WDT9T-qDZPuzjmfAKNWbBCH9yLRU3zy5kJT49jyvcCVJdZd6l6oKtzSNmMupA9cOq_Df10lZ21idejYOXC0_iL20uf_2n2A
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 16 Dec 2021 06:18:59 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame D94D 		73 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CtuorrYAHa8PTL9yIF0wVAluBcktcg0YW1RG8ZbWjIwQHJqoXZjHl10B4CSvyFX2xCOdD7A2z1GCTAZDz_su2Ljlh_lZlyVMt3L9CKFjXXB224v-9w2ae9YxqeEdVKg9z3i1Osm3VDSW66rvpfy23JljNu-g&dbm_d=AKAmf-BcuTTbk48qHOC3eyZsg3p5zFkGBXrFgORntONhcc7HWtLFbuWJ4MW5SJqKZR1ux9KrkeeuDd2CY4BxARdlLkC_GkJqtUtlp9aZSlN7u0MxvaeNAoJ69IeEQEYXnnCs5LRNuqWftxU9ZKBbADK4f84YU6eDSu7_gk8istnP5TOZcMJ_QFSSXgGWtSqofkekXJiXPsQ-ANuDdIZFNKaRWKVipw6t_KWtCvadNQUVosiqNUQYtyM_ak4xNpBgwgxdlg49u0vjIuZySodA5zxm_nTdp1LBdDzxlMi65TwEe2bfOMLbHDKyESzKhp2aaOsR0niS8gUi9XgQ4KpC_0kgBmhnDS1mSwWTAYli9LRzWjQ1bbkV4UXK7zr4Lv5zo9L4_qufWYWhRQa6VaqFo3PbQYZhWtwG5tCzFpfd8ah0gCjzpWmFvK77iCQMXuOadh9nowm6JmgRQD1nBOyvHfp8Ax4VXtcmQMjalMVwH9x-Q8fGzryVUwiNZDYMYJf5YGI9tkPGtyaezwFBpij33-JZHIdTWaDyzzbQiU_zteEGmAgloymqYV1XggLl9vw1qSl12_GEgiuwX3Q5nkZkHDxI-oZfTHaDIxMDym1NhkKQLCWwbvt6DTQP4E9diVhVSY4Oro_lWhEi-Gx-ToCiDFnOOeRzgm1Xni4Ixt1YWMjU4wuSJLxl337sx1d1RG-3PF9K_4z8Q4eISrWX1NIsZt_cx3IUOpXhsOXE_1HFWz9CTfSE6MLhAijR5RuUjlMM2lM3TFVa3w9lmBcbmC7qWgRtYre84Cltw7Rnyihw2Yk_WskcxNg8vi9GitiFJBkj9x8YjPSQiplXyrbxmH6X2Fqa4kCjEGg5X9Zabcaw73Y2z2gH2aNZ7KPt_GF_uukt5rZh7WxffF9K9t5UhVV35n1ht4_XUyRiQqYEJcoLHXmMHCMAqGVMFE3Qa0lHg-yTMGNAgUovSQlEVIsrKwcQZXiI6N51BxrE7GpQhqJk5GbE7rY6e__Z4GIEX0WboHw9iTyDgbGM8i6kE-v78itDMq05vp5MjiC1b_DUcUU8-LIBl8MgIY1BvYQG5o7Scnzg6NkyhbkI1vX3cqnPrxgliwQIHuiGqAqVhbvMe6vu2vloBOCmZxTuAtv47wvYmcjFLdt_x_sG-dQfDGoULPg1tkOEvvM6Stnd4lcrNZQ4sy_NpHP3ENS2CKXbqQKhbGfDPG_IMLcSnYSfQWaef80ydcAJ-N8ea5Ne9PCr-GmYSXIO1s4fp82dGH7T-tY9CyN0N8ECA6GrMEWA-9CSeIcUqO7SG2kDMNmqauxqPT84aKdvUFmTMgU9t3mrCDKOx1QhPJF6eJhRQhF2t5bo262RlQDKW94NEIo-2fLbadi4bH22MMIw_AO4hy5Yj_tqWTOvYbZqmSXWG424oznvrzSBGqq6eLwb2b9cTmAu8Qc-wMVuZ87tk3mRHzml1DgSNeRZclF5mUDOxxyOkVyPzJ2JkYk2d-5BrMYwmLqgOYv0WtvN33RTHSV-TiKO30g68HSMcbNyXp5xdYZeYG-cCMNDF_RLHcF8vI6EPlLporDYAMyubd4IBg3jI7Xi9WGgge-mfjSBWwPNYV3jAMhoos3U9t_1CyHwq9rNyI7N8k0lfPaveXYOuWmeDqiz--wN_vI7Va3mp6BSmSzjwPEjk8JzHtglw4gudjorsrxzsm6SCl3K1v_BRWy7qQcg7lvQvGKCsgZuKDM-bt4PdEOvaVlxsrmg0m6fVPZhywdgb3IjjCQMykaM0vZQZSTCZrs6LUgpOUGwgzYSm5SL1ypQf4k0F9glQ3cmu_DeHTLKbob16xyNVpnBP3PPGyVFAnspM5TN0gzMOVx_fLcvvpdJlxHiidOy2dxZV_II1pY9XTDnYNyZ2IlFPX2ffg-YGUAeNA6ZDC4CpQcsJR6G5MVM8Tga3TsKMw_eQXAywpzX39am0t5a_-ZxcCbu7Xe_WzqCWqV_7c64fDLrH-ZyY340XYQ44u_rvyDEKve5nYs8WPklMSn2RKsTtd_lPbBK1oKRtqxhzn2tMNglU-5RoKxTgnATrCydvmUTkwRB_WJcAyzTuFn8hFhn2Nv5FAk4xUtcmeD1IRmgGeBkCba-v-WzW1krsfcnXab50Yf2bMsaitSp7XBW9hl94OJhG6ou_Ha1IoUmof8f022wJupK96J_sh8Xd9XBiccWE10quDPr7AVcSkhEdl_fLsCWNURUjhRUgDucqinLUNdUI4XxrbIkZDhgv51paO5gusDRy18icwxYiEAeWouh3J61JZJbDw3CR2mYWOYc40C0hZ6VKzUtrj4JOLkJsGQt0D0e-hbldQ9hohq1PDdVm2iDuddf9RgxVajzeLFiyprJp9gjB_KQotLvOUVgP7qCdOY05ONNW5F6k_As8M8WDhzJ97oSRsDRHCCbWRv7uJLSu5jbQKxlZdrRAsjLqJlOPCNGlgEggxqg4dnLSQqo-uO0El2IVLaJ7xKZEqv7mruvXranqlU9glqeeSzKLs3lMd4Q-gh4C3kHpPodqr7rXIaJ__013GRW72S0hQ2c7ZERuFjtNkFvITZ4NYiNHWPt2wVIbxxmF2lziWfLKxURY_oRnRK7OiVyfVv2WcXtIBHUGFIgRkD6H7sLAw3Ouhg-HCHls0yCdWvFLeLQdKmHm8niJysjhrSLXn4EKXwDpnPN6z_7JjYm1loCsfdeLff3DBoa67U5Gcd65jTo_mHFJVm6-0w4UVU1D083RzKkuSFryXaPwmriYYH93fezUP9TjnRv0kEuREi7uQP_8N1N9SH8zFVi_W9kUCXL8tctDV0MkmkSieqQ3z1Js-jYfJDQliiIOLFD9U5m_e-j1FLtsftbzoDGy2ntbmtZ01YFFz4kIaiVqn5jwCusmkLChFXAXJbRGnV7VI0uUo5fhJA6AT-3UuJe4h4DcV9X4k1SQBC8CjBwL7PelqN6ly6XzX5yYseC7iDGtcJdOn3oU_BB33IkDKZ4ApkII9dDFxsOztS4PwTVOJlkO8ayztobARu2x9bEfFcSFcWajPnDU7ZabcWG0t3hP2DOH533tWitfBA4XwG2vJtEGfmQoDI0hO5jh12yrBWOctB6etKtVNv9KKXAv3R3lSB-QfHYbYJepo--sYfKgrx2uvBok9Crl4j1cxC0s2vo1-J2tqzmu1IH-yKMzfuF6l990l2388xf4630ciyWNmrUI1b32ql4zJC7KNvOCsx6_Bcm4Ju8ZNFnuCfUAxCWZRwlSCxzJXAwMK-PAnhiJmha-TVcQkoRKp89jlc1UKH2eGTJRvzpngL5j4WaKPHH57apZJJttGa2iZjeHm_8&cid=CAASEuRo4Z4wohg87glMA0MlUP3Arw&rfl=1%2Chttps%253A%252F%252Fnationalgeographic.grid.id%252F%240
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8038415b53ff2c8513e8411e32992d0ee139d5509b0069ff4a1a02d8ee6b3024
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30400
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D94D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AlIbMJCCmBpulaTdDclSoanl7eaHT84pooBQEfsiCv2zV0K66kXEsuES3QpXoK7qGxGTrHBeYP-WiajlAIHhc8JaR0-RkKL78gVat0fwbbvWhHU9k
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame D94D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:05:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D94D 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Dec 2021 06:18:59 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame D94D 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:17:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:17:53 GMT
l
www.google.com/ads/measurement/ Frame D94D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSFv1TIdepNm6ik8HkF_sQOYTp6EL97uw4i4DDlVYoGTZ_0jd0EDe22Svnh5yh5iv-OKWkOZcsxBB2_-X-yBnmIhupk1A
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
sid
mug.criteo.com/ Frame 004B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=grid.id&sn=ChromeSyncframe&so=0&topUrl=nationalgeographic.grid.id&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=RAnFaXxaTXNrTHp1TGhINFNlblkyRkdHTU9JY2NBNFF4S3hwekNyVXVMd2VDeVplL1NFUmM5Mng0L3l1YUE2azBGeXhic3VaSTloK0hnWkxwd0syanQ0VHlLajloRmFxL1JVQmhXMXNBNlJ0dFdsVHRJWTIwbGV0UjhibH...
441 B
628 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=RAnFaXxaTXNrTHp1TGhINFNlblkyRkdHTU9JY2NBNFF4S3hwekNyVXVMd2VDeVplL1NFUmM5Mng0L3l1YUE2azBGeXhic3VaSTloK0hnWkxwd0syanQ0VHlLajloRmFxL1JVQmhXMXNBNlJ0dFdsVHRJWTIwbGV0UjhibHlEQkRKa3ZER0dWa280dTRkVURZUUhTTXJUUlRydkZ1bFdzLzlSeFRubG41dE5HVUp0U0MrSm5oblRzUWVnbGJGcHJtN1VlbEJHalpPeU5aUERuTk1YNTQvN2dqYk1jeDY5cVNkVUpxRnBSRktFSkNHZC9rVW9BSHlZZlF0UDlrRFhFTUZicEN6b0FzRXp3U01zR3pCZjAxT1ZEclBhQT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
6ce6a72edd698d162f0041b4a32956b2783131668818fcc4f339098858a192d9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4149
strict-transport-security
max-age=86400; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:59 GMT
strict-transport-security
max-age=86400; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=RAnFaXxaTXNrTHp1TGhINFNlblkyRkdHTU9JY2NBNFF4S3hwekNyVXVMd2VDeVplL1NFUmM5Mng0L3l1YUE2azBGeXhic3VaSTloK0hnWkxwd0syanQ0VHlLajloRmFxL1JVQmhXMXNBNlJ0dFdsVHRJWTIwbGV0UjhibHlEQkRKa3ZER0dWa280dTRkVURZUUhTTXJUUlRydkZ1bFdzLzlSeFRubG41dE5HVUp0U0MrSm5oblRzUWVnbGJGcHJtN1VlbEJHalpPeU5aUERuTk1YNTQvN2dqYk1jeDY5cVNkVUpxRnBSRktFSkNHZC9rVW9BSHlZZlF0UDlrRFhFTUZicEN6b0FzRXp3U01zR3pCZjAxT1ZEclBhQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2206
content-length
541
expires
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 33CA 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:18:08 GMT
css
fonts.googleapis.com/ Frame 33CA 		8 KB
714 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 05:58:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 16 Dec 2021 06:18:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Dec 2021 06:18:59 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 33CA 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88040
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 10:36:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Dec 2022 05:51:39 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 33CA 		355 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 16:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125995
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 10:36:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Dec 2022 16:07:26 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 33CA 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:17:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:17:53 GMT
l
www.google.com/ads/measurement/ Frame 33CA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTh5wBWKkhS5TcM7ejdHlh-eLn2Qy2pt1tAZFYnJomhYAaY9lDRFDVwR9pcVLzK4Q3xfljkFtFRb_k9T54m2SfhismvzA
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 33CA 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 19:39:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38345
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Dec 2022 19:39:54 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B1C3 		624 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDekesBGPqgy7cBMAE&v=APEucNUKZDDcBo1pmGKb2jEkVAGmM-7L4BrGwzrReQ7rQh6WG_UlDY1qmH7ehminaTBMOnA1yeUtgHvAJVdWox97nwAA3v15c3v33KTfDh4_FY9e-DtNHoXxDvB7f6Dn7043G89Arm5pVfsuw2BtA_YPz7owsFogkSsrqmzikjNEU1_DEBta2BQ
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 16 Dec 2021 06:18:59 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame A363 		24 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BUnnoayVRkXI0Sw5Ui8tBVqzQFEQVezVdV6FPtEP4PGLl79QHnUc9mmCkGsmnNpLoMrsz7aC1s6h2A8G7XIXEgE07IuYM3EbZTPQYLQ0_FWTzWJcDx1wwaVWI5o4XL7SvesrhYRW2_j8mMxBXR-nVBM37blA&cry=1&dbm_d=AKAmf-DX8cb7le7q4qCQN71tzWlOLmC3nZjLMDD8XPnCN7Yj3WH7cWunGAOQr3OACRx0Y5ZyGSQBAVwtQMd8IhbPHl3HGK_cvH56PD50tLRB5U3tjegk2szqCeQ0th6R7qxj2oFcAdoPzbQjwiILiwJ9zEE0s_bzAZyC31lXREqcJJuYF9VfWP_fXhysaEC4B0STs2plN99K1QCMQn1z05B_nDylKAQtTkXaWg5BTIkXNa3rLWlLRmRo4qNNlIhjSQ26bAVxkn04m8ldX2GhIFDVkBG4XBuwI7hIc9QVBo31NfOo4hS2KvWFGDBdh9PnWDdwnkZD6aQiox7xeRCJw6MI4jPbJ712rEU-RDoeuvQDr_W6VSLWjwRGlAafNb-F8LLqyVTEDxLbnY_e0TCuDjwR3BchiRTtBJ2gpI_xMf_PBeJuJDS-ru9Ianu_dDZXURkhYgEoep7xsNYv7BjdHK3HFA86aEtZFw4hgqNIQFODS0lqn2L138SMq3rGCn3Xk6RHOIxT1HqSkj5VI9nFvzqvf2xk2QXFcusWDhvTft1gg3tqMe-JicFlGeFjOnASuu0XMevOQjLF9b2xBxih8xmUIAZoGGp4IWivJlxjcrlEVc70Z-ByCqgmcBzIgXh0R09F_kZf2wxEXRdGyE-oT-k3fUrah099UnQOQ8C6XFpFhob-bve49MJYOKiKf89lZv4v7tuGRlmApkIi7JxwqZkEf_jrDTc769Zv0GkNYzPcWdE3l9AbQx0mw5R9Cc74UhPU1yOkRgRs1ki7GSf1Pe9SU2FPjVb6pCCwVmZuirIqodNJ-7NQGqNQHcl1o_9jEIC-lN1kU_nSZapXGahQ35y1sRhm6MDBN2pk5xYWBx7sdy9b-UMVWwKEAeJPRYM740g3HpJzPJIv2kg2yNm9KtF4b48yQa2kpJRCwfoGuaZxAtdvXBnW50LXEdLIdc5t1l71xwgfY6aQoahR0KtJajjDAPECiSGnMjAvsIdgx5Ul3KSjTq__qr2M6-5TGxgyyF-MKA8wBNDQIuH8iuTHOuAvFAtKrwk8GbfaZADKEifkz_oTOZ60L9XXdy8Yv1BYIQoRMPNacwPzg59Z1WTyQoyXrYeqHRuBTgs1OgjncfTSyLY74PWhCmoKYD4lNXuxnoQlDHfBNn5uFmpUsiVCJ0TI_GUDcpyw3nplwnBmN0ARn_SHMPacbkCf7EjwVMXJ8GqhGmD9UYJaMHXPbrsduwCeuSZJMRkLR8sxcG90TJL3DZhW-gfm98hIwVeKZM4ujc6eEoqijzDoq7kZ7duBOC_mrXkla4UuMje-ecgu_sEznI_Aaf3qwuP0xcErOu5l2BD0XQ-wUtn5I-8-dOOJxSEmFZNC94MhbeBgES7DgrMBFXD0OrDTDH0JQ38r0HZ6eJ-4mLMlJiScbEnt2Cpu-g_2tm6aIwXldnOCr3Ryy9uFBPbeaHHRQPSj1HH_hkFWO1fq-Qsx5lBkE5MMmKJP-AeLcrxCK81Cd1D2iQZWxkIprOqT5AekRCt-zk-BL0qTzBw1FBLMuJz88pHIDMGtNsnWPyPt-gAj4T1f5mQiaEnyrAXGq6CciKtZdN2xb8rlyyMgQm0tzvfcNxQXduDY9h9KalZsLrKMq9FCiTDhxwzGciYqenQj0G18xD9WmE69l92e338n8hI7J4h-5z8fsw3VbFM6mgHseF4LiR98iSFOYrU_hT4tF1Q_CqWtF_DWcRodrdIErJeIxWy_rziH0iilFwwd2SX8QVpWieHJULohEBfZQ2GTAmHghbpd-PMt9t7yFKSLA_3a1Nm_2wRtyT3LHV7NO9XfwQ7cWIqkl8Bt45Jnba4YeYbhT8Xi-1hhTOmYD2w1sN-G3PfqfbCSq1WPZpo1k0O6L1heHcJDIVOOu5wjCQpw1natbJ7PwDu78RBOSeTFGVcwOvp114RdMk9EanKcKLq54uB9d6h4OXQP0KeixoeICwK1TF-A3f7yir4o5a2sW52DiduJCgRsez-HSiQ7ZV981C13bC6Voa1AzXwxLi7Bisk0u0kenMrAPemG4jYaJPaKd5dSmxRAHMQWBjxlwTWqsZM0ataVhTOoskQZlTmmL_eDzZcaJMN_Uu4kqFUbsQsY7O8oULEw1a66sPkF7Vdc6LrDqTc_xSs_oCZVaRAG7sZ4lpYWObgcsZyCoRMEeSZAQdquFP4TyPO7FPQM9Y19sGNRAAqDghqr2gmOhoN7GhB8AIUByK55r39-yRN_QpaTZqA8ocSNUK3UDH8Hf8PPqZC2MeOVHvJVyi4umGAlSPF0GyNB0aaEc7EaIbfTC6uYZKEbrIHk-EYa_4AZx88znXkcRkwRQcdTD8PeJQHl08t1jEshzaqZcyzhUa2q_wRKxh3Mew2ClDI7oO1oWUCLHf9d3ZNeEdbxpL_-qdO1S76Dn-Xs7WpGdUHBVnpCcfwn5KKQ9H8Mdn88jzD0C4QjqkYbHg-Feo6sKhK2Rykl50LgyLsfrnJbm0SpDDmvgdloH_ia15wjTUaa9gIGOXtlkzU3MN4YV9cSh6IzXNVWkCiwdDuilhnEWE_wo5Vonwu_7nLAQncNP0TyiYrBTSLqDmRJu0Mn7Ptavp1opzmQq7Ft94mZoAbzREvLCqmGZaKFOkNldMmoqQMcocyIuvuH4nwoGnkHtLEDhHPlTDQvvHxubu4X0asf2DuQqDmSbj1jGvPvqPF3qLhOLRDqvI6Ov51OTyRFMhDK0ZvVZYK3XVErwbSHy7mTYtteDgDrJ_78s8glUqwcWXuyKbbLeIUC3X02eVYq2piol4MdwmM01QwOWqDTOCnCTQUOI4OdFve99z9s8KVT98e8joFK-8OTHx1ZajDWTnJ7Trr8x2gIXJbjLa0Uwp70oxs4N8dpdhGH7czK6MbsJ6ErrxJ-i60EGzBNIAlMMilIYuj3g6U0d9uvTlL0XC0Bc_26VafMF1NEkrobK0-vwjG9dRhlo36E-O_Iz92faBVDC_7SVUVA4cQHMjNBiOSeXfbcfau_894ujH_iI801pS9Nteq6exWMa3E2o8iVw-xCj6fph-hTvBSMw2jcr-t7zIOHNKbcM0Zd6CF2h2jeQa3fiBgGJGYgnpMCYAHaW1LDr8mCWqAeGdLa6JEEqmlKdHg4Hd2I3Pdc3Lifct7ZoHW746M-V7nW37-xJ5iZWdVs0LRvdJYmyeczCXf_06qki4rqSWT98dBk_QFIg6_bxtWzg4g8gqHccNwNAxP-P9BpwdAgrvR6DtGSmJAMZOAo4zQgKL74JQQ5Nbui3Mv6O2WyzRXtqj6JNj92I8qsUI9mYCrKGFfjONLqCm95GI8CG9rgsOJbSVQj&cid=CAASEuRofSA57zkT0eZZVoBOh791kw&rfl=1%2Chttps%253A%252F%252Fnationalgeographic.grid.id%252F%240
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45a3e1493c4a0e8e4d092586f2c21ff1f4e507d714e1f46a3a436028dd42f787
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14292
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A363 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CRLhmspXEWkjQBYA5JnpkVBWhurnvM-uDtUUhtDMppN6Ao5vsUZCStqBwQwfcpb5tvP3Vig2_K9W12nlfdgdaRmGIuvA9CgklJZENADWXmy5Ev6No
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
fw.adsafeprotected.com/rjss/www.googletagservices.com/847999/57777490/dcm/ Frame A363 		229 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/www.googletagservices.com/847999/57777490/dcm/dcmads.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.8.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-8-1.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b65848b9307eb691e483d0d5d3df6c4fa4349622fddf41851fa8aa33964f3faf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
gzip
x-server-name
app21.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
jload
pixel.adsafeprotected.com/ Frame A363 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10933&advId=24162870&campId=15160779071&pubId=1&chanId=285585637605&placementId=385011834&dealId=&adsafe_par&impId=ABAjH0gc6R60HZfrqAKvR4V-mBcP&bidurl=https://nationalgeographic.grid.id/
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.66.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-66-137.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8ce7ceca72adcf80e0bbb9c8808dd71940e4a6ef98f75c048ca62cc59ebe805c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
gzip
x-server-name
app04.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame A363 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:05:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A363 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Dec 2021 06:18:59 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame A363 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:17:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:17:53 GMT
l
www.google.com/ads/measurement/ Frame A363 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaREy7aKMb6vQ5S7ooQitr6ASThgnw-SuF4EIJWD_b3I5EdQeYj0QYvNKA0bx_TYzY50vRlgmPnWw01gIxBcZ6JbMxEoHA
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5819 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDekesBGOjPyrcBMAE&v=APEucNUwN14GklNJykUrsEGWfl1FJXaeaCpszCcQ6cJx-ivx0RNK8NZy9mmT4DfCpGTl1h3zU9O2_r_WRHTuv0OjZFlllSD_ALww6ojvBVEi7N4oZjFSsiuDwyQj8GCsxzxJpVSrQM2LbCQ5oklNawO1Ho7uXgdNnB_tF8_Zn5J-rWjvGJNIMX0
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 16 Dec 2021 06:18:59 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 1878 		24 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYQ4nWSv5LmU2wkfQ1fvYDj5wLBG3ikMVijTVgJtWWosagAPWwVpd9aSw4tQdVy2_E2-a99jAP9AoNALsLjXdbo_f6EkiTaF4ay-QavA3AjkCz6bQ18Lu0FTTirNQaYY_27JwattkWjM_b1SgWb0_NhCQgmA&cry=1&dbm_d=AKAmf-BeFVh0NE9OnlMHcBXlFTIOUUBQUw_-nC59qkCC-z3dA_4BdRMCW-wu8GqGIrvuipQVjzWH9izpgu_EV-MuG6IHUF27EQ-9GhcFvpGHv_8x2QqkD-xNwaeNXHLMM4x8OTu8Jk1M_3lmIlo16RjIj_j9I3NDqx_nDOkWm1mLNBITNAPK7FHjzIr24gkXEPFv02eE0U2HIRRDEwajfJSzMG6lh3Kb8_repGenRaeF66S03pLdeGJ1dyUPIlvBHTRcwuFQvGs6NkHd64FoLjcEF2JgGlXwnYg9BmoWNr4Wfjm2qs5irildxyxIXq5tq3SCSJx76eMQa5Zkjy2wviIJXblJTML70zwfpuF92lzRieeBXpZWa3VyQfH19MaP9H-z8doAeVIphv3bfc2XSPUWpCGbtbancxl7AASaYZOdsbaMQoXsjgppmeEOBB3rL92Gs2Tnteru9H0yqmb4FHgcG8F6OkUeM-R04nGOHXwuZ03wPW2cXTqgKo5D1hVAD8_EboDeKpQBu1yjCncyzZ6bL9zKZSP10EPznPsfdEeeGJXOkEU3hFA-RDVImjU2IQ-ZX-vGWVxHxgr16vOSRyVa81KFnAn8RVovUIfMPSHB9v6t9TTaiz3mTQj7V27XlwP53nGTAsudNmDnN3n0238drEXhiQ65MXUgrqYH-AVrtltNqDTLa6h_VdrDWpBRoSqpPt32ZL--t1hjJbH3CnJMyBB0_ElTLfyNye5RfY0hSawQytD2MdkPxN-mzvfWZ9g3ybgloWW5zbuwj4W6RdtFPkU-R1gfD5eM8hULNwwxSYNCDtaSofrlzlp1Yho0zVpmUqrUb_f6b9vrHv1IUBIaUGw6ZdD2YZna-pAoo4ibYsBL7AF0yesaHi3EZN_iqce3kgjB364ye7IGuS40zFRXpyTpiwtVIBffaKLEga_4CEY4WuNp3Z0IX7S7GZK3A_gU60T6xdxNWNFh-suwyOfgeGTQSr6NUBcz03wOSy6DLkrjlXe32BWe4ceEVDei1BSQiEFf-6sEddPP4hNUGekl-mdTUTypUZp0AjAnmDZkMgzZ3t4CIgqAkoX-aVYoGFt4NKP7iYGBoPTeUiTB5aSxhycyNjXosybLc9rM1VBKLk_ePbxfIngsoh0r_fmDWpbREkLm_VRH9lTtuPVbX1OoHEf7HP12TXoXaYVHBTAVvf0oHkLvQ6RVh2q9E4CXXoc2XlYTvied1EgCZdilN_7beZyKv5bmm4rDaTCTSVAzZiosl8cL9oJiqtrzq9ytFyJW_3Y0sra8zVGDG7QewZe3ujD2qncVEzCUe3uHI0p5EtjqsRCellawZ4sfiSHr5fHeRP0TnjYxNIR6vnEmOoUJnohm0DjHA7xUIQAVKLePO24iwWT9iIpWVwYovzOUvC7xVeu_EJuJ0R0Iid5xXopE2OkORrV0128Ka61K12X7Hx74i_7v2C5mw--BCPaVsdgM-V-46i8RRVTdCELlvvK4CtUhllH1EYkiuiI-1-J7vq_-ESEE3DdCkhVVulEZhYOb70vS3yKDHXOhyl1kyo_z_ek7Rn2lX5UZMVnBcf_qx_NkgMJx8TY_PGjhQbqaAXfM1iXoUNF2X5qqbTasQaQzTrzugAFix24pfNjwVkQoMUhQ0UTrZehI0d1J5eIqZSCo61a7EIC_rSRdnHosD1AbE5VN9nbqCznOnqsL-j377HQxs-mxLTgkD8YEQFr8VPE1iKn3yFASSjUxd75s4fWGNCey7TsQCiyJkwj8Hfa5LYnyZghgW1YhVUhKUsCLJLuyvF_FQZ-HLuxU2B4k10PKjUeAf2uflM6ZXr1OeCq4EQx_9up6QgF7NY4EJpBIOkGZmVHcmlFLN0h5Ng3BR7weWWMeFF4t7F-q87L9FGH86sgShR9mDxWl9OU-DSoGmvP3SMTXmkVYMLyd3_GxzT5MjDyp-pT2B-AA8MId_AbvT9v2Q80kFaf1ymnPiMDhq-KFFboZarm6__Dy-NW1p29xIFFzKzfuxiEtZHCwNDht7DYH4oVg0h7gXT13ypTkluaLcSn6dvrrAfyIiRAcRTXpeOvoj2mJpVRAW_9SpyPaESo5KZi6cgsosEfXJ1Nn4DL9pYwdTRGePChEzNXU0dnPteOlDjeUXXuZNlNHTTGWONYuD7ghQHrdk1gFrEpPm7O_auatBWiuKPJKCJVdzHCgxXjBXMfguwYqivEN4Np15Bb6q-xpmBUZmmTzYl3JJc4dSv3jUTLerkkFj_0RjxpDxSvO5FzCC2s8TtKnEYXl37MMr7Wl9kLBK6bExYOW1HupJcPDn6Zn2zozt6pe-uMe1-5X_owbIPSdze4TU9zq-qTvKEPyRO7JRe7CYvRKnXoZJoPwnx_UOlnDvSyqumGUiC_OpaaWwtdpfYr5rCwjxug5NjfuUFoeWklaBOk22oQETS8697U4FP7yKMYyrMGQLv1yPAnHeHe6rhtj_boQFSUQHhXaP9N2QsV8xWjwOjLheweS_drig55PGOkJ4fxFr8uDmqzTtUQOBNVSIq_c2VIz54WT6Fmy7cS_-Kp6OGNeSO3Xm8DpynJZmWvQHlDdS73QHw1-U9g914iCrdnhN82Jv3SV9MDo7a2c_7LRSibdMEXYpR6vVLtztTlae7pO9oVpmbH4FHc_8F_Kc_VaE-FGUd9zOACtfZ5INjHpAgbPyRVpT5RLsVBoe95nA_VgsdVv0EWgSvkWdSrn8hk4KG8Dgi3xpxRQwibXC-Qdo2X1JwUrtcPYP-CREo4g2RgjS9F1LY2yzIcBpRRE2s_iKuXtUgNw-HR-7inwd15DsEwFJFiATbaqYOMAETCWLH9e4i_oIgyHfgD5PQ8yjGTwDXlsbILqTLe9bKTlq5Ph0w_3vcHNSgKHfjW7Sq0vrsLxeHgzFbirDm8CzFNSrhq4B6mh3eSVNHf8XFy99Tc1k4vJB2_58BYh7HYlASEDzZAEiDzP6RPRV_X2Wzg0SUPkq3ONndfyc7eNBE8I5mYCMO0eMOo-F0OJwE74OOMJiirPE7kSWlf2bsdhZgOzn-mSMZNi2rcfqTEGwiEWV_NfM_eUdcg0-wuGjgs_29Z8XnmQ0akd23-6Z-AmRYYDYUpWl-qS2ECSi3FD3CuXk11AclMQtO6y_617ryjITbCWLQiPn3AGocKt4jbd1j_j386hKzZvrs3AUAzNja0GjtUFVsWoAu5Ti8xSXbDYMhnKMvtltenfdp74B3r4vumoiX9hp3FV8VQjK0O1bTNq-IS9fFTfvxgTP_tPj4YLCJCicn7ZFsb5DVRFi-gc1hcPyg813-ENQkjzCHOhWJIyHTRhKjFslBXk5HM7&cid=CAASEuRo7VVAohsyDiFoxGqg0uqDYw&rfl=1%2Chttps%253A%252F%252Fnationalgeographic.grid.id%252F%240
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6dcb0f292e74d71df27b491baf0c0df5f0341e314e1c04fb59480dbaebf6c514
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1878 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AtnhmZE5WspbWF9Yt_gdGk2kqfcDLWjdAajtLC6tjwjVKrQQcqU8nQJpgjGEtgtSD6f8sovMfc4ZkYicZXGPKecp6jl8kmv6aejIGpnub_vVj8C60
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
fw.adsafeprotected.com/rjss/www.googletagservices.com/847999/57777460/dcm/ Frame 1878 		229 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/www.googletagservices.com/847999/57777460/dcm/dcmads.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.8.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-8-1.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
153cda662621f636c86b1846411cd25443b42817078fb734b6b36299e96a523c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
gzip
x-server-name
app23.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
jload
pixel.adsafeprotected.com/ Frame 1878 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10933&advId=24162870&campId=15160779071&pubId=1&chanId=285585637605&placementId=385001448&dealId=&adsafe_par&impId=ABAjH0iVCSOHRTppseu9JlyADcKs&bidurl=https://nationalgeographic.grid.id/
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.66.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-66-137.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3fb4e039ecc23d23e5e7169c4dc25f51fec5e1b138a5e282d27e789268637523

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
gzip
x-server-name
app05.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1878 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:05:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1878 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Dec 2021 06:18:59 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1878 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:17:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:17:53 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DA22 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY_ufptwEwAQ&v=APEucNXupUaxnwGd6-pnDZ_aMgfTBEs2ueCGw3DtBK6-prwK0wDbwPiqHQ11g_FbY-hxEU4AhKCgEkx5z_W-DoZYKQGgiXXxAIeybHhnSBv8DVBwglpUm4U2ds3vODp3WF5wjSsucML7HL2R9383CJbfqATDxfMO3ABGVNcKBh9JzPVSAdDT25g
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 16 Dec 2021 06:18:59 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame F2A5 		57 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Du7ypCF6zaFI7dgCKJGLfm2_0DedabRThaYwQdSzv-1-BNBvTzVp1unxm1wqMdw0Vsy8MqxWZoq2kTzYiDd42euTkB9uV29cbGEEl5aOmCchCNPwrHV3oa2oIfxq1cQjiBPU3aX6Fv3fFpCgr1CH9lBrRE8g&dbm_d=AKAmf-DtvhayCqtKI6JQKazHQ75d_cPeDsHhyIHiqOm0gLI7v9Pc5HhQgvdBn4TxPH0EVrbfu_Wo4KanQ8FlTgeNBksX6b40LCoeQOLWp13I0d_3pUYgh2sdYYQMrEoG_taOB1ipx7VKQ_DwOBWLbtW2tJrs4VUIJbpGNX63XGZEp_zRN3JmXEq1QOjFzHMFisnpQCV7CA-FWeRKxOLNW203n0dlbJlYRJR3Kt4iM7aLp2yy_sPd4XQCz8K5Ke3R8z8-8sGFTQtL0zDCiGobFmNz5amZTYXdmjt_CUaWs8Ywl8JIn60je3PZzRrYR2xI6jWSwLMVudeFFgFbicP0y51rrJrfHmI6NEaHQxGxBgvQxwc8dj0740Z1rIMdzh-wf8zYVF4RkYkM-fgtFvRVpRvJ5EmNY5pa57diomz951PTs9lEXrgj6R_rYKq_1Bt9Eiy3yvw1lDku3-vlg21znqPVKfcqqooJda4wO3_BRhQeoYUMHfD0tJHdcdwQ9U3dbuQLV99fk2vRPytgPs3oVMk7YVoOB3Qr0TFOeS3DjiulTiCn16TO4kEu6Zys4ulZDH6i-F-oLkDQ_IcezwO_ca4XPkh-YiMIdu-khvdgei6RdjxjEjCYmgkli2WP0aigELyyWA_WM2fRSUkzvPeQ99RUQgenObA5YIR_IYYQ9VxITB4DkLG0MZRxhq0EBY5Cax5QRp4DddbZzLTw5ChRGkwpteedi3nVEi_OlbQbE1QEC7pep40hJxEg2vk9Y9eQHlv0ha9V_y22Ok0whV0TNpUTFNGdYh_i0bqJz4e0vKZPQctAfLnuzUaOSf2ddnnmbYLo9Tsov0jX2VBpfFIicUOVVL_yVy4DvsK1ZUH1x7VWI5UgaoOGB7-rCzjRcKVvbEocNSmFwxScvNmAby4EsTRER0akX_aCSSBePnhcjw49N0Crc3gQhNH_AqhuDIaRjX9l7FbKLlxpVg6K41dCmtKpxUzqwV4sr64D_6tMxTSOtT_Lwgl6dmh_a7eogc3ndSrygKaI8Lrz0MxjH3g-TrrDyE610x2ObuOaa2NDpuDfYgYh5W3lCR6tSQat06PMRII4IpMcZ1TkMg3fz0aBG2Xz9VImyjyIeGx_S_9OSfUz4R7Ybdsb106VrVQzg9kS422kzAw0aAkYvgKFTGBSw8m5Jnt4l8NeCzFXEStcw89YV3dlrAgeLo4uhPhU4hd1xfXd1wpD19KEv1eSvUTEdV8iZcGYj-kVeo7DuMF9_gXYCa4ImAdvWEN8jps-PHoz6JuUOqREHoNKmtDt-c_8mn2sN9CNOtSvwnTNpcnA0MrhodN9gt7x5f7czmBQZBaO4UZB5TYVds6d7hSIFwq8JK-cbMpib1Um6WfS-sVvncggp91NlgKdtEdCa1PzFHcc_OC9e9LP1TpIKY3NYwqZi2GLASN9oreNQAHJAdDMsuyYXZ2F1g1EDxn33O7TqOVpvxp7HYC6u8cUo4oTpu5w5-TvdQv0ObJCoyS0LoqGCVbDlPSTOqLzPJpuQo3DXlWR0TDy2l1TOJk9h8UR0Bje2UUX45PrJ1wuVuu_N-y3hTSx00SiJNV2j038AQuOnNbpz0E5pnVT72R9DpppQdtvqb40VJRenckVQt3LvcQUBoaT7z4sonUtrAeZqZ_IgOcoq9iO_s9kHqez5UIyOJkMdfltgKEnLFo5Kn5_YFaepbwKzTw6lY4fACQ3kdkbSf-xIgBthNJN73o3dRySBDSWlqLEmG1BuAZNlQ8omdIGjTFclFvZGNZiiy7bCzEt-A-PJydPklOlXmFU1hOIbYc7fhCHoTLORSYwI6hxhsSGMgHfvq5x2EE25i9OT6QZsi_wvZH6blzqo8dY5GpuBDzIqGuT3ZLluYnGvAeEbTKQAH8QulC7IEn62auVNQF9EoMj3b24dsZfHdC5YQYqFqCQ7yUAZAEkWSusGBO1UCfSNwQFBh0UdTs1K5dEIz40o0qHZfv4Lnd1MRsMbJNpFpzmlMKUwV1Rs5mQt1RO1TAD5zWkL-G6SuF3UufvqHU_ebrDfikUAvT83eGw-AwR_sQmv2UVfpxkMpFmpxb8ng2N6JtDjqfvlaoMSAl9v2dI-kZtZKtFTROR0KYo1wzTGq3rYwNy45SdDJRwA3jK7aZNCRBjvVM-fxzMIicMBohWOhcUsmYckQ0sK8rzyyI1cUHOUsg4UkKf4Yotfp84u01D3DDW7e-lWcgH15QOAxlS-qc0zhpOvhK-Ga1AfZw74JaOQKGjxdGVUnCq3VSAU8fRA3__biq7NyKl5KSYjF4XFgKP9JULbTxxSgWyS1N1WLo5rLaCWPU0mDoRGWzSxN9somppTqYw0v_L5K1Tj-3hY-8T8X0n7A9fBs1vWgLdQRuhUXyAvuYiKi-ml7yZJP29V53kFRnSmPIAXNN7Vss-WbI24sPh3_GBlayvncjlOMZEuIHJVFEBqnh9ok9rhrOB8EwBCCaog91JhqfDwKPsDn_yHh6pJkTErfypd5t1S1s0PVJmFc4rFSR_Cdiczpx2Pi5lxK9-wTjEuV2b0w_yBFl897YJJiXcw4EVoeDLPSx25XEfRYsB78ypTFrEDgAGG5jUDel2TPbt-OEZsfWcin6ZjXNMlIBo1C5Xqz-va_9dAQRibylxO3MZQtE6rZNoGy-_Ow8j8ny1buv84bzTZkGlFtZ_Sx7pRW10cyUhNZNY8D9GvQL0Fo0V8O0tAQfU0pGAl9UoBvN8kWD6wy2JswIUuAOtXO9zufY1wvqLATHQAnbELVJSFUbc7THEKroV90iM8VA2i-vFEo_Fs4UJCDZfMsdHMMl2rTHo4FCQRXnNmQVUHdJ_DAuAickmwd6P2SVc8iCXRrPkXudh9eAFCIq0qO8cOLezSNfwF959IrICGzgkqJfHH7wecNjIDpP9k9IH_Es2E07sv1kiaysMXY0HmWjSAz5_OgrW5eGtZVe5YZ5jLqubkWD2RYvIOCWoOrYME9bCaW1rbigKmIiiLt_Dm0VKkF7a0GgUBFjMbLuESNAs3WUIAVigew&cid=CAASEuRoUKGGYKaRaQC0-dRk2S6dOw&rfl=1%2Chttps%253A%252F%252Fnationalgeographic.grid.id%252F%240
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b56f73a7d56f36e2d5a084f0b4395306e2748b9701a13717e401fbbfbebb201
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28693
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F2A5 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A3_tPa5DvHBj9llYPekZ_ro7f_OX4dqy7-hiF4LV8hmiuT5DYbLladRsoJMq_Zkqrq4AMJ06qRVO_VSE0r7NliVviwPEXoxnGOWvkYioYmf68c5wA
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame F2A5 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:05:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F2A5 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Dec 2021 06:18:59 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame F2A5 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:17:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:17:53 GMT
l
www.google.com/ads/measurement/ Frame F2A5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSoXzmIMhTDB0-gdxqnfhBcCE0cnohFfh36f-9T6JbJuX3-1fq_eYyUIJ-FoiQlA1u_dSJGdxvbNBoTuyY0dqhe0LaE_A
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
css2
fonts.googleapis.com/ Frame 7CA1 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 05:55:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 16 Dec 2021 06:18:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Dec 2021 06:18:59 GMT
css
fonts.googleapis.com/ Frame 3A88 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 05:59:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 16 Dec 2021 06:18:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Dec 2021 06:18:59 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3A88 		1 KB
959 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:16:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:16:37 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 3A88 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:18:08 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3A88 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:05:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3A88 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Dec 2021 06:18:59 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3A88 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:17:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:17:53 GMT
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame 3A88 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 14:47:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
315087
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 12 Mar 2022 14:47:32 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 7CA1 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 05:46:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1965
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8346
x-xss-protection
0
server
cafe
etag
3177319193432224586
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 05:46:14 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7CA1 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 21:17:08 GMT
x-content-type-options
nosniff
age
32511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 15 Dec 2022 21:17:08 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7CA1 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 11:28:25 GMT
x-content-type-options
nosniff
age
67834
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 15 Dec 2022 11:28:25 GMT
usync.html
eus.rubiconproject.com/ Frame 3544
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 Dec 2021 06:18:59 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Date
Thu, 16 Dec 2021 06:18:59 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
sas-banner-1.2.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 6EEB 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
62ebdd655eb7d82324ded1127e184b1f4a65132a2b4f5ba0e113d3b65cc47b61

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 16 Dec 2021 06:19:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Oct 2021 08:07:40 GMT
Server
AkamaiNetStorage
ETag
"0d7189fa1121540662ae60c7b7896c2f:1634717897.994352"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10406
truncated
/ Frame 6EEB 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51068bc89f46b22820e139bde22a58f847a936d70296dd3b5117efb4b6c80268

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
usync.html
eus.rubiconproject.com/ Frame 9BAE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 Dec 2021 06:18:59 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Date
Thu, 16 Dec 2021 06:18:59 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
sas-banner-1.2.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 7A84 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
62ebdd655eb7d82324ded1127e184b1f4a65132a2b4f5ba0e113d3b65cc47b61

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 16 Dec 2021 06:19:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Oct 2021 08:07:40 GMT
Server
AkamaiNetStorage
ETag
"0d7189fa1121540662ae60c7b7896c2f:1634717897.994352"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10406
truncated
/ Frame 7A84 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7af716800c55ac4d171e9cd2a374cb4e76135462878a1c0bf2235f7e787b3be2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
hbbids_t
trabd.jixie.io/sync/ 		0
206 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trabd.jixie.io/sync/hbbids_t?x=1
Requested by
Host: scripts.jixie.io
URL: https://scripts.jixie.io/jixietracker.min.js?accountid=fa9afd31c9c8769a7ae23ef3661ac43f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.43.132.130 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://nationalgeographic.grid.id
Date
Thu, 16 Dec 2021 06:18:59 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Vary
Origin
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B2C1 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 16 Dec 2021 05:53:44 GMT
expires
Fri, 17 Dec 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
1515
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame F2A5 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Du7ypCF6zaFI7dgCKJGLfm2_0DedabRThaYwQdSzv-1-BNBvTzVp1unxm1wqMdw0Vsy8MqxWZoq2kTzYiDd42euTkB9uV29cbGEEl5aOmCchCNPwrHV3oa2oIfxq1cQjiBPU3aX6Fv3fFpCgr1CH9lBrRE8g&dbm_d=AKAmf-DtvhayCqtKI6JQKazHQ75d_cPeDsHhyIHiqOm0gLI7v9Pc5HhQgvdBn4TxPH0EVrbfu_Wo4KanQ8FlTgeNBksX6b40LCoeQOLWp13I0d_3pUYgh2sdYYQMrEoG_taOB1ipx7VKQ_DwOBWLbtW2tJrs4VUIJbpGNX63XGZEp_zRN3JmXEq1QOjFzHMFisnpQCV7CA-FWeRKxOLNW203n0dlbJlYRJR3Kt4iM7aLp2yy_sPd4XQCz8K5Ke3R8z8-8sGFTQtL0zDCiGobFmNz5amZTYXdmjt_CUaWs8Ywl8JIn60je3PZzRrYR2xI6jWSwLMVudeFFgFbicP0y51rrJrfHmI6NEaHQxGxBgvQxwc8dj0740Z1rIMdzh-wf8zYVF4RkYkM-fgtFvRVpRvJ5EmNY5pa57diomz951PTs9lEXrgj6R_rYKq_1Bt9Eiy3yvw1lDku3-vlg21znqPVKfcqqooJda4wO3_BRhQeoYUMHfD0tJHdcdwQ9U3dbuQLV99fk2vRPytgPs3oVMk7YVoOB3Qr0TFOeS3DjiulTiCn16TO4kEu6Zys4ulZDH6i-F-oLkDQ_IcezwO_ca4XPkh-YiMIdu-khvdgei6RdjxjEjCYmgkli2WP0aigELyyWA_WM2fRSUkzvPeQ99RUQgenObA5YIR_IYYQ9VxITB4DkLG0MZRxhq0EBY5Cax5QRp4DddbZzLTw5ChRGkwpteedi3nVEi_OlbQbE1QEC7pep40hJxEg2vk9Y9eQHlv0ha9V_y22Ok0whV0TNpUTFNGdYh_i0bqJz4e0vKZPQctAfLnuzUaOSf2ddnnmbYLo9Tsov0jX2VBpfFIicUOVVL_yVy4DvsK1ZUH1x7VWI5UgaoOGB7-rCzjRcKVvbEocNSmFwxScvNmAby4EsTRER0akX_aCSSBePnhcjw49N0Crc3gQhNH_AqhuDIaRjX9l7FbKLlxpVg6K41dCmtKpxUzqwV4sr64D_6tMxTSOtT_Lwgl6dmh_a7eogc3ndSrygKaI8Lrz0MxjH3g-TrrDyE610x2ObuOaa2NDpuDfYgYh5W3lCR6tSQat06PMRII4IpMcZ1TkMg3fz0aBG2Xz9VImyjyIeGx_S_9OSfUz4R7Ybdsb106VrVQzg9kS422kzAw0aAkYvgKFTGBSw8m5Jnt4l8NeCzFXEStcw89YV3dlrAgeLo4uhPhU4hd1xfXd1wpD19KEv1eSvUTEdV8iZcGYj-kVeo7DuMF9_gXYCa4ImAdvWEN8jps-PHoz6JuUOqREHoNKmtDt-c_8mn2sN9CNOtSvwnTNpcnA0MrhodN9gt7x5f7czmBQZBaO4UZB5TYVds6d7hSIFwq8JK-cbMpib1Um6WfS-sVvncggp91NlgKdtEdCa1PzFHcc_OC9e9LP1TpIKY3NYwqZi2GLASN9oreNQAHJAdDMsuyYXZ2F1g1EDxn33O7TqOVpvxp7HYC6u8cUo4oTpu5w5-TvdQv0ObJCoyS0LoqGCVbDlPSTOqLzPJpuQo3DXlWR0TDy2l1TOJk9h8UR0Bje2UUX45PrJ1wuVuu_N-y3hTSx00SiJNV2j038AQuOnNbpz0E5pnVT72R9DpppQdtvqb40VJRenckVQt3LvcQUBoaT7z4sonUtrAeZqZ_IgOcoq9iO_s9kHqez5UIyOJkMdfltgKEnLFo5Kn5_YFaepbwKzTw6lY4fACQ3kdkbSf-xIgBthNJN73o3dRySBDSWlqLEmG1BuAZNlQ8omdIGjTFclFvZGNZiiy7bCzEt-A-PJydPklOlXmFU1hOIbYc7fhCHoTLORSYwI6hxhsSGMgHfvq5x2EE25i9OT6QZsi_wvZH6blzqo8dY5GpuBDzIqGuT3ZLluYnGvAeEbTKQAH8QulC7IEn62auVNQF9EoMj3b24dsZfHdC5YQYqFqCQ7yUAZAEkWSusGBO1UCfSNwQFBh0UdTs1K5dEIz40o0qHZfv4Lnd1MRsMbJNpFpzmlMKUwV1Rs5mQt1RO1TAD5zWkL-G6SuF3UufvqHU_ebrDfikUAvT83eGw-AwR_sQmv2UVfpxkMpFmpxb8ng2N6JtDjqfvlaoMSAl9v2dI-kZtZKtFTROR0KYo1wzTGq3rYwNy45SdDJRwA3jK7aZNCRBjvVM-fxzMIicMBohWOhcUsmYckQ0sK8rzyyI1cUHOUsg4UkKf4Yotfp84u01D3DDW7e-lWcgH15QOAxlS-qc0zhpOvhK-Ga1AfZw74JaOQKGjxdGVUnCq3VSAU8fRA3__biq7NyKl5KSYjF4XFgKP9JULbTxxSgWyS1N1WLo5rLaCWPU0mDoRGWzSxN9somppTqYw0v_L5K1Tj-3hY-8T8X0n7A9fBs1vWgLdQRuhUXyAvuYiKi-ml7yZJP29V53kFRnSmPIAXNN7Vss-WbI24sPh3_GBlayvncjlOMZEuIHJVFEBqnh9ok9rhrOB8EwBCCaog91JhqfDwKPsDn_yHh6pJkTErfypd5t1S1s0PVJmFc4rFSR_Cdiczpx2Pi5lxK9-wTjEuV2b0w_yBFl897YJJiXcw4EVoeDLPSx25XEfRYsB78ypTFrEDgAGG5jUDel2TPbt-OEZsfWcin6ZjXNMlIBo1C5Xqz-va_9dAQRibylxO3MZQtE6rZNoGy-_Ow8j8ny1buv84bzTZkGlFtZ_Sx7pRW10cyUhNZNY8D9GvQL0Fo0V8O0tAQfU0pGAl9UoBvN8kWD6wy2JswIUuAOtXO9zufY1wvqLATHQAnbELVJSFUbc7THEKroV90iM8VA2i-vFEo_Fs4UJCDZfMsdHMMl2rTHo4FCQRXnNmQVUHdJ_DAuAickmwd6P2SVc8iCXRrPkXudh9eAFCIq0qO8cOLezSNfwF959IrICGzgkqJfHH7wecNjIDpP9k9IH_Es2E07sv1kiaysMXY0HmWjSAz5_OgrW5eGtZVe5YZ5jLqubkWD2RYvIOCWoOrYME9bCaW1rbigKmIiiLt_Dm0VKkF7a0GgUBFjMbLuESNAs3WUIAVigew&cid=CAASEuRoUKGGYKaRaQC0-dRk2S6dOw&rfl=1%2Chttps%253A%252F%252Fnationalgeographic.grid.id%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9516
x-xss-protection
0
server
cafe
etag
14328493792227503680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:18:44 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame F2A5 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Du7ypCF6zaFI7dgCKJGLfm2_0DedabRThaYwQdSzv-1-BNBvTzVp1unxm1wqMdw0Vsy8MqxWZoq2kTzYiDd42euTkB9uV29cbGEEl5aOmCchCNPwrHV3oa2oIfxq1cQjiBPU3aX6Fv3fFpCgr1CH9lBrRE8g&dbm_d=AKAmf-DtvhayCqtKI6JQKazHQ75d_cPeDsHhyIHiqOm0gLI7v9Pc5HhQgvdBn4TxPH0EVrbfu_Wo4KanQ8FlTgeNBksX6b40LCoeQOLWp13I0d_3pUYgh2sdYYQMrEoG_taOB1ipx7VKQ_DwOBWLbtW2tJrs4VUIJbpGNX63XGZEp_zRN3JmXEq1QOjFzHMFisnpQCV7CA-FWeRKxOLNW203n0dlbJlYRJR3Kt4iM7aLp2yy_sPd4XQCz8K5Ke3R8z8-8sGFTQtL0zDCiGobFmNz5amZTYXdmjt_CUaWs8Ywl8JIn60je3PZzRrYR2xI6jWSwLMVudeFFgFbicP0y51rrJrfHmI6NEaHQxGxBgvQxwc8dj0740Z1rIMdzh-wf8zYVF4RkYkM-fgtFvRVpRvJ5EmNY5pa57diomz951PTs9lEXrgj6R_rYKq_1Bt9Eiy3yvw1lDku3-vlg21znqPVKfcqqooJda4wO3_BRhQeoYUMHfD0tJHdcdwQ9U3dbuQLV99fk2vRPytgPs3oVMk7YVoOB3Qr0TFOeS3DjiulTiCn16TO4kEu6Zys4ulZDH6i-F-oLkDQ_IcezwO_ca4XPkh-YiMIdu-khvdgei6RdjxjEjCYmgkli2WP0aigELyyWA_WM2fRSUkzvPeQ99RUQgenObA5YIR_IYYQ9VxITB4DkLG0MZRxhq0EBY5Cax5QRp4DddbZzLTw5ChRGkwpteedi3nVEi_OlbQbE1QEC7pep40hJxEg2vk9Y9eQHlv0ha9V_y22Ok0whV0TNpUTFNGdYh_i0bqJz4e0vKZPQctAfLnuzUaOSf2ddnnmbYLo9Tsov0jX2VBpfFIicUOVVL_yVy4DvsK1ZUH1x7VWI5UgaoOGB7-rCzjRcKVvbEocNSmFwxScvNmAby4EsTRER0akX_aCSSBePnhcjw49N0Crc3gQhNH_AqhuDIaRjX9l7FbKLlxpVg6K41dCmtKpxUzqwV4sr64D_6tMxTSOtT_Lwgl6dmh_a7eogc3ndSrygKaI8Lrz0MxjH3g-TrrDyE610x2ObuOaa2NDpuDfYgYh5W3lCR6tSQat06PMRII4IpMcZ1TkMg3fz0aBG2Xz9VImyjyIeGx_S_9OSfUz4R7Ybdsb106VrVQzg9kS422kzAw0aAkYvgKFTGBSw8m5Jnt4l8NeCzFXEStcw89YV3dlrAgeLo4uhPhU4hd1xfXd1wpD19KEv1eSvUTEdV8iZcGYj-kVeo7DuMF9_gXYCa4ImAdvWEN8jps-PHoz6JuUOqREHoNKmtDt-c_8mn2sN9CNOtSvwnTNpcnA0MrhodN9gt7x5f7czmBQZBaO4UZB5TYVds6d7hSIFwq8JK-cbMpib1Um6WfS-sVvncggp91NlgKdtEdCa1PzFHcc_OC9e9LP1TpIKY3NYwqZi2GLASN9oreNQAHJAdDMsuyYXZ2F1g1EDxn33O7TqOVpvxp7HYC6u8cUo4oTpu5w5-TvdQv0ObJCoyS0LoqGCVbDlPSTOqLzPJpuQo3DXlWR0TDy2l1TOJk9h8UR0Bje2UUX45PrJ1wuVuu_N-y3hTSx00SiJNV2j038AQuOnNbpz0E5pnVT72R9DpppQdtvqb40VJRenckVQt3LvcQUBoaT7z4sonUtrAeZqZ_IgOcoq9iO_s9kHqez5UIyOJkMdfltgKEnLFo5Kn5_YFaepbwKzTw6lY4fACQ3kdkbSf-xIgBthNJN73o3dRySBDSWlqLEmG1BuAZNlQ8omdIGjTFclFvZGNZiiy7bCzEt-A-PJydPklOlXmFU1hOIbYc7fhCHoTLORSYwI6hxhsSGMgHfvq5x2EE25i9OT6QZsi_wvZH6blzqo8dY5GpuBDzIqGuT3ZLluYnGvAeEbTKQAH8QulC7IEn62auVNQF9EoMj3b24dsZfHdC5YQYqFqCQ7yUAZAEkWSusGBO1UCfSNwQFBh0UdTs1K5dEIz40o0qHZfv4Lnd1MRsMbJNpFpzmlMKUwV1Rs5mQt1RO1TAD5zWkL-G6SuF3UufvqHU_ebrDfikUAvT83eGw-AwR_sQmv2UVfpxkMpFmpxb8ng2N6JtDjqfvlaoMSAl9v2dI-kZtZKtFTROR0KYo1wzTGq3rYwNy45SdDJRwA3jK7aZNCRBjvVM-fxzMIicMBohWOhcUsmYckQ0sK8rzyyI1cUHOUsg4UkKf4Yotfp84u01D3DDW7e-lWcgH15QOAxlS-qc0zhpOvhK-Ga1AfZw74JaOQKGjxdGVUnCq3VSAU8fRA3__biq7NyKl5KSYjF4XFgKP9JULbTxxSgWyS1N1WLo5rLaCWPU0mDoRGWzSxN9somppTqYw0v_L5K1Tj-3hY-8T8X0n7A9fBs1vWgLdQRuhUXyAvuYiKi-ml7yZJP29V53kFRnSmPIAXNN7Vss-WbI24sPh3_GBlayvncjlOMZEuIHJVFEBqnh9ok9rhrOB8EwBCCaog91JhqfDwKPsDn_yHh6pJkTErfypd5t1S1s0PVJmFc4rFSR_Cdiczpx2Pi5lxK9-wTjEuV2b0w_yBFl897YJJiXcw4EVoeDLPSx25XEfRYsB78ypTFrEDgAGG5jUDel2TPbt-OEZsfWcin6ZjXNMlIBo1C5Xqz-va_9dAQRibylxO3MZQtE6rZNoGy-_Ow8j8ny1buv84bzTZkGlFtZ_Sx7pRW10cyUhNZNY8D9GvQL0Fo0V8O0tAQfU0pGAl9UoBvN8kWD6wy2JswIUuAOtXO9zufY1wvqLATHQAnbELVJSFUbc7THEKroV90iM8VA2i-vFEo_Fs4UJCDZfMsdHMMl2rTHo4FCQRXnNmQVUHdJ_DAuAickmwd6P2SVc8iCXRrPkXudh9eAFCIq0qO8cOLezSNfwF959IrICGzgkqJfHH7wecNjIDpP9k9IH_Es2E07sv1kiaysMXY0HmWjSAz5_OgrW5eGtZVe5YZ5jLqubkWD2RYvIOCWoOrYME9bCaW1rbigKmIiiLt_Dm0VKkF7a0GgUBFjMbLuESNAs3WUIAVigew&cid=CAASEuRoUKGGYKaRaQC0-dRk2S6dOw&rfl=1%2Chttps%253A%252F%252Fnationalgeographic.grid.id%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
147
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:16:32 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F2A5 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFh1kMU4YfB4UgYtWq6Gbr3eaA5MTTr6J6eekxOApFLLUv3HRohBoxvqQPqzgjEbscT4nhnxwo0b7TQQgIUfPpDMS2hR0uh3RinAFqLsxdyUhjDtz1Gdcq6YEmVyxF2fVcKAYkMXeVtxDcDHT-cb1rJpn9fp9bzg1DwWvB2RpHcNmyDcHFsRkzgtIiZOhqaFTCS73lJR_L_b1QFHQdwM6oA2hXeYUmiXcpRuTmeHob4TAqwQPBrfga0Iot9uHhDePHH2doKStfL9bbrC6P1uDTWxG4qGWbFmccy4W1Ast_Wam7gTQTaoFNnokeQEqdGjVeGjY1Z2YBE6ZI9w5Jx3T-nj-tAKBhfUYYLlMs_5rSCMdCdog5fiQtjocJDcRpOyEV708xAM_qAvWbV2qwLOx7KPU-gu10kLBoWCXRHPQSwLVIElGgkYgKbTVi17F969G1_9uYYK63GqHvHLCdCRY-MH5sucZE8poU2PMiCoH-ZZ7XbTvQpbqwwILyAHfuG6Z1_3A6ECRGCjhbWlPVr9DWsiAwHiK3_kFL57wMuhFLIpz_NPWPKQquf2R-1kEiy40QuvV_yF7Z77ZMHjfiTKhkFKidRNVQnnKsbI1ZDmb1KyYV2kDxW9r7Wv5Mz5EmI7Qfjjb_4ffQtpbhjyAODdUpIXadHkIletw5lwrhvPVk2Vu5aroNjihLfM_wtwTBqrK3aOCMjikVEE-CeYY_vMtpY7Oe8KHMFwKZpG9ElMVm2c-x_5iqN5VHAQatp_7b2iP2RVAaJM4xGqowUlPAeFsR0itEDlIG_BocC4eREOaZJz9xlkZ7K8jwe-AvlcLIM-6zVfVXHXawi0Hffwu0zIpwoLn1sMZtMJ8I5wwDjdmMcqO7K9FYcGOXes__9wIWlV94Zo4p0BDkvNTyGtnATQOCub9mMLNwv-FpFNwCEQWoi007i8aU1MiR13GtMNW1TnYduS-a2fL6tas1bT5k8UZzfG6RhuSgcvtsejWikTUvruNmMz-RyIgR9OZ1QdYnHxH5X0gzOzXfTmGHwZL-TNHoCNll7xYdfGB2qW5UhQfjN80vsCUa2STX-hzbiRFEI25OWm1pgSAYpHWoaxxVOxjs_IJHPm-IrLIKCP2ASO9WtGKXSnkW7r722lkwKYjpr9-R6ZSPLwCCnIGCaB0E1D6VrF-ZUoO5X1UsazW9mrjfPc3s49KqZYJKkYrAUw3vNdsKO_kgT0QXzA&sai=AMfl-YQBq9bEb1zDJ1S5ry5N0z47nf-CJs9tdV0ALVcEkGJpaWgyaTCNC6cHqqVsWppXkZjKP9_5nrpo-cATBr6GxgUDzShVV4AHn2oPk8LqNE9Rwr_M7l45sZUXigSl3JDWsLTTP_jrfGPPw_6rEylNJSUjJ439iA&sig=Cg0ArKJSzB3E6-gxR5cVEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211207.92297&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Du7ypCF6zaFI7dgCKJGLfm2_0DedabRThaYwQdSzv-1-BNBvTzVp1unxm1wqMdw0Vsy8MqxWZoq2kTzYiDd42euTkB9uV29cbGEEl5aOmCchCNPwrHV3oa2oIfxq1cQjiBPU3aX6Fv3fFpCgr1CH9lBrRE8g&dbm_d=AKAmf-DtvhayCqtKI6JQKazHQ75d_cPeDsHhyIHiqOm0gLI7v9Pc5HhQgvdBn4TxPH0EVrbfu_Wo4KanQ8FlTgeNBksX6b40LCoeQOLWp13I0d_3pUYgh2sdYYQMrEoG_taOB1ipx7VKQ_DwOBWLbtW2tJrs4VUIJbpGNX63XGZEp_zRN3JmXEq1QOjFzHMFisnpQCV7CA-FWeRKxOLNW203n0dlbJlYRJR3Kt4iM7aLp2yy_sPd4XQCz8K5Ke3R8z8-8sGFTQtL0zDCiGobFmNz5amZTYXdmjt_CUaWs8Ywl8JIn60je3PZzRrYR2xI6jWSwLMVudeFFgFbicP0y51rrJrfHmI6NEaHQxGxBgvQxwc8dj0740Z1rIMdzh-wf8zYVF4RkYkM-fgtFvRVpRvJ5EmNY5pa57diomz951PTs9lEXrgj6R_rYKq_1Bt9Eiy3yvw1lDku3-vlg21znqPVKfcqqooJda4wO3_BRhQeoYUMHfD0tJHdcdwQ9U3dbuQLV99fk2vRPytgPs3oVMk7YVoOB3Qr0TFOeS3DjiulTiCn16TO4kEu6Zys4ulZDH6i-F-oLkDQ_IcezwO_ca4XPkh-YiMIdu-khvdgei6RdjxjEjCYmgkli2WP0aigELyyWA_WM2fRSUkzvPeQ99RUQgenObA5YIR_IYYQ9VxITB4DkLG0MZRxhq0EBY5Cax5QRp4DddbZzLTw5ChRGkwpteedi3nVEi_OlbQbE1QEC7pep40hJxEg2vk9Y9eQHlv0ha9V_y22Ok0whV0TNpUTFNGdYh_i0bqJz4e0vKZPQctAfLnuzUaOSf2ddnnmbYLo9Tsov0jX2VBpfFIicUOVVL_yVy4DvsK1ZUH1x7VWI5UgaoOGB7-rCzjRcKVvbEocNSmFwxScvNmAby4EsTRER0akX_aCSSBePnhcjw49N0Crc3gQhNH_AqhuDIaRjX9l7FbKLlxpVg6K41dCmtKpxUzqwV4sr64D_6tMxTSOtT_Lwgl6dmh_a7eogc3ndSrygKaI8Lrz0MxjH3g-TrrDyE610x2ObuOaa2NDpuDfYgYh5W3lCR6tSQat06PMRII4IpMcZ1TkMg3fz0aBG2Xz9VImyjyIeGx_S_9OSfUz4R7Ybdsb106VrVQzg9kS422kzAw0aAkYvgKFTGBSw8m5Jnt4l8NeCzFXEStcw89YV3dlrAgeLo4uhPhU4hd1xfXd1wpD19KEv1eSvUTEdV8iZcGYj-kVeo7DuMF9_gXYCa4ImAdvWEN8jps-PHoz6JuUOqREHoNKmtDt-c_8mn2sN9CNOtSvwnTNpcnA0MrhodN9gt7x5f7czmBQZBaO4UZB5TYVds6d7hSIFwq8JK-cbMpib1Um6WfS-sVvncggp91NlgKdtEdCa1PzFHcc_OC9e9LP1TpIKY3NYwqZi2GLASN9oreNQAHJAdDMsuyYXZ2F1g1EDxn33O7TqOVpvxp7HYC6u8cUo4oTpu5w5-TvdQv0ObJCoyS0LoqGCVbDlPSTOqLzPJpuQo3DXlWR0TDy2l1TOJk9h8UR0Bje2UUX45PrJ1wuVuu_N-y3hTSx00SiJNV2j038AQuOnNbpz0E5pnVT72R9DpppQdtvqb40VJRenckVQt3LvcQUBoaT7z4sonUtrAeZqZ_IgOcoq9iO_s9kHqez5UIyOJkMdfltgKEnLFo5Kn5_YFaepbwKzTw6lY4fACQ3kdkbSf-xIgBthNJN73o3dRySBDSWlqLEmG1BuAZNlQ8omdIGjTFclFvZGNZiiy7bCzEt-A-PJydPklOlXmFU1hOIbYc7fhCHoTLORSYwI6hxhsSGMgHfvq5x2EE25i9OT6QZsi_wvZH6blzqo8dY5GpuBDzIqGuT3ZLluYnGvAeEbTKQAH8QulC7IEn62auVNQF9EoMj3b24dsZfHdC5YQYqFqCQ7yUAZAEkWSusGBO1UCfSNwQFBh0UdTs1K5dEIz40o0qHZfv4Lnd1MRsMbJNpFpzmlMKUwV1Rs5mQt1RO1TAD5zWkL-G6SuF3UufvqHU_ebrDfikUAvT83eGw-AwR_sQmv2UVfpxkMpFmpxb8ng2N6JtDjqfvlaoMSAl9v2dI-kZtZKtFTROR0KYo1wzTGq3rYwNy45SdDJRwA3jK7aZNCRBjvVM-fxzMIicMBohWOhcUsmYckQ0sK8rzyyI1cUHOUsg4UkKf4Yotfp84u01D3DDW7e-lWcgH15QOAxlS-qc0zhpOvhK-Ga1AfZw74JaOQKGjxdGVUnCq3VSAU8fRA3__biq7NyKl5KSYjF4XFgKP9JULbTxxSgWyS1N1WLo5rLaCWPU0mDoRGWzSxN9somppTqYw0v_L5K1Tj-3hY-8T8X0n7A9fBs1vWgLdQRuhUXyAvuYiKi-ml7yZJP29V53kFRnSmPIAXNN7Vss-WbI24sPh3_GBlayvncjlOMZEuIHJVFEBqnh9ok9rhrOB8EwBCCaog91JhqfDwKPsDn_yHh6pJkTErfypd5t1S1s0PVJmFc4rFSR_Cdiczpx2Pi5lxK9-wTjEuV2b0w_yBFl897YJJiXcw4EVoeDLPSx25XEfRYsB78ypTFrEDgAGG5jUDel2TPbt-OEZsfWcin6ZjXNMlIBo1C5Xqz-va_9dAQRibylxO3MZQtE6rZNoGy-_Ow8j8ny1buv84bzTZkGlFtZ_Sx7pRW10cyUhNZNY8D9GvQL0Fo0V8O0tAQfU0pGAl9UoBvN8kWD6wy2JswIUuAOtXO9zufY1wvqLATHQAnbELVJSFUbc7THEKroV90iM8VA2i-vFEo_Fs4UJCDZfMsdHMMl2rTHo4FCQRXnNmQVUHdJ_DAuAickmwd6P2SVc8iCXRrPkXudh9eAFCIq0qO8cOLezSNfwF959IrICGzgkqJfHH7wecNjIDpP9k9IH_Es2E07sv1kiaysMXY0HmWjSAz5_OgrW5eGtZVe5YZ5jLqubkWD2RYvIOCWoOrYME9bCaW1rbigKmIiiLt_Dm0VKkF7a0GgUBFjMbLuESNAs3WUIAVigew&cid=CAASEuRoUKGGYKaRaQC0-dRk2S6dOw&rfl=1%2Chttps%253A%252F%252Fnationalgeographic.grid.id%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 16 Dec 2021 06:19:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F2A5 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Du7ypCF6zaFI7dgCKJGLfm2_0DedabRThaYwQdSzv-1-BNBvTzVp1unxm1wqMdw0Vsy8MqxWZoq2kTzYiDd42euTkB9uV29cbGEEl5aOmCchCNPwrHV3oa2oIfxq1cQjiBPU3aX6Fv3fFpCgr1CH9lBrRE8g&dbm_d=AKAmf-DtvhayCqtKI6JQKazHQ75d_cPeDsHhyIHiqOm0gLI7v9Pc5HhQgvdBn4TxPH0EVrbfu_Wo4KanQ8FlTgeNBksX6b40LCoeQOLWp13I0d_3pUYgh2sdYYQMrEoG_taOB1ipx7VKQ_DwOBWLbtW2tJrs4VUIJbpGNX63XGZEp_zRN3JmXEq1QOjFzHMFisnpQCV7CA-FWeRKxOLNW203n0dlbJlYRJR3Kt4iM7aLp2yy_sPd4XQCz8K5Ke3R8z8-8sGFTQtL0zDCiGobFmNz5amZTYXdmjt_CUaWs8Ywl8JIn60je3PZzRrYR2xI6jWSwLMVudeFFgFbicP0y51rrJrfHmI6NEaHQxGxBgvQxwc8dj0740Z1rIMdzh-wf8zYVF4RkYkM-fgtFvRVpRvJ5EmNY5pa57diomz951PTs9lEXrgj6R_rYKq_1Bt9Eiy3yvw1lDku3-vlg21znqPVKfcqqooJda4wO3_BRhQeoYUMHfD0tJHdcdwQ9U3dbuQLV99fk2vRPytgPs3oVMk7YVoOB3Qr0TFOeS3DjiulTiCn16TO4kEu6Zys4ulZDH6i-F-oLkDQ_IcezwO_ca4XPkh-YiMIdu-khvdgei6RdjxjEjCYmgkli2WP0aigELyyWA_WM2fRSUkzvPeQ99RUQgenObA5YIR_IYYQ9VxITB4DkLG0MZRxhq0EBY5Cax5QRp4DddbZzLTw5ChRGkwpteedi3nVEi_OlbQbE1QEC7pep40hJxEg2vk9Y9eQHlv0ha9V_y22Ok0whV0TNpUTFNGdYh_i0bqJz4e0vKZPQctAfLnuzUaOSf2ddnnmbYLo9Tsov0jX2VBpfFIicUOVVL_yVy4DvsK1ZUH1x7VWI5UgaoOGB7-rCzjRcKVvbEocNSmFwxScvNmAby4EsTRER0akX_aCSSBePnhcjw49N0Crc3gQhNH_AqhuDIaRjX9l7FbKLlxpVg6K41dCmtKpxUzqwV4sr64D_6tMxTSOtT_Lwgl6dmh_a7eogc3ndSrygKaI8Lrz0MxjH3g-TrrDyE610x2ObuOaa2NDpuDfYgYh5W3lCR6tSQat06PMRII4IpMcZ1TkMg3fz0aBG2Xz9VImyjyIeGx_S_9OSfUz4R7Ybdsb106VrVQzg9kS422kzAw0aAkYvgKFTGBSw8m5Jnt4l8NeCzFXEStcw89YV3dlrAgeLo4uhPhU4hd1xfXd1wpD19KEv1eSvUTEdV8iZcGYj-kVeo7DuMF9_gXYCa4ImAdvWEN8jps-PHoz6JuUOqREHoNKmtDt-c_8mn2sN9CNOtSvwnTNpcnA0MrhodN9gt7x5f7czmBQZBaO4UZB5TYVds6d7hSIFwq8JK-cbMpib1Um6WfS-sVvncggp91NlgKdtEdCa1PzFHcc_OC9e9LP1TpIKY3NYwqZi2GLASN9oreNQAHJAdDMsuyYXZ2F1g1EDxn33O7TqOVpvxp7HYC6u8cUo4oTpu5w5-TvdQv0ObJCoyS0LoqGCVbDlPSTOqLzPJpuQo3DXlWR0TDy2l1TOJk9h8UR0Bje2UUX45PrJ1wuVuu_N-y3hTSx00SiJNV2j038AQuOnNbpz0E5pnVT72R9DpppQdtvqb40VJRenckVQt3LvcQUBoaT7z4sonUtrAeZqZ_IgOcoq9iO_s9kHqez5UIyOJkMdfltgKEnLFo5Kn5_YFaepbwKzTw6lY4fACQ3kdkbSf-xIgBthNJN73o3dRySBDSWlqLEmG1BuAZNlQ8omdIGjTFclFvZGNZiiy7bCzEt-A-PJydPklOlXmFU1hOIbYc7fhCHoTLORSYwI6hxhsSGMgHfvq5x2EE25i9OT6QZsi_wvZH6blzqo8dY5GpuBDzIqGuT3ZLluYnGvAeEbTKQAH8QulC7IEn62auVNQF9EoMj3b24dsZfHdC5YQYqFqCQ7yUAZAEkWSusGBO1UCfSNwQFBh0UdTs1K5dEIz40o0qHZfv4Lnd1MRsMbJNpFpzmlMKUwV1Rs5mQt1RO1TAD5zWkL-G6SuF3UufvqHU_ebrDfikUAvT83eGw-AwR_sQmv2UVfpxkMpFmpxb8ng2N6JtDjqfvlaoMSAl9v2dI-kZtZKtFTROR0KYo1wzTGq3rYwNy45SdDJRwA3jK7aZNCRBjvVM-fxzMIicMBohWOhcUsmYckQ0sK8rzyyI1cUHOUsg4UkKf4Yotfp84u01D3DDW7e-lWcgH15QOAxlS-qc0zhpOvhK-Ga1AfZw74JaOQKGjxdGVUnCq3VSAU8fRA3__biq7NyKl5KSYjF4XFgKP9JULbTxxSgWyS1N1WLo5rLaCWPU0mDoRGWzSxN9somppTqYw0v_L5K1Tj-3hY-8T8X0n7A9fBs1vWgLdQRuhUXyAvuYiKi-ml7yZJP29V53kFRnSmPIAXNN7Vss-WbI24sPh3_GBlayvncjlOMZEuIHJVFEBqnh9ok9rhrOB8EwBCCaog91JhqfDwKPsDn_yHh6pJkTErfypd5t1S1s0PVJmFc4rFSR_Cdiczpx2Pi5lxK9-wTjEuV2b0w_yBFl897YJJiXcw4EVoeDLPSx25XEfRYsB78ypTFrEDgAGG5jUDel2TPbt-OEZsfWcin6ZjXNMlIBo1C5Xqz-va_9dAQRibylxO3MZQtE6rZNoGy-_Ow8j8ny1buv84bzTZkGlFtZ_Sx7pRW10cyUhNZNY8D9GvQL0Fo0V8O0tAQfU0pGAl9UoBvN8kWD6wy2JswIUuAOtXO9zufY1wvqLATHQAnbELVJSFUbc7THEKroV90iM8VA2i-vFEo_Fs4UJCDZfMsdHMMl2rTHo4FCQRXnNmQVUHdJ_DAuAickmwd6P2SVc8iCXRrPkXudh9eAFCIq0qO8cOLezSNfwF959IrICGzgkqJfHH7wecNjIDpP9k9IH_Es2E07sv1kiaysMXY0HmWjSAz5_OgrW5eGtZVe5YZ5jLqubkWD2RYvIOCWoOrYME9bCaW1rbigKmIiiLt_Dm0VKkF7a0GgUBFjMbLuESNAs3WUIAVigew&cid=CAASEuRoUKGGYKaRaQC0-dRk2S6dOw&rfl=1%2Chttps%253A%252F%252Fnationalgeographic.grid.id%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 11:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67708
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Dec 2022 11:30:32 GMT
4307325365330469008
s0.2mdn.net/simgad/ Frame F2A5 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4307325365330469008
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8a724be8b8b9c796ba2ea193b6ede02e1d77be80010a7d309d2577f35d8832c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 14:22:48 GMT
x-content-type-options
nosniff
age
143772
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24325
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 10:22:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 14 Dec 2022 14:22:48 GMT
img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=26703531;s.a=3213511;p.a=317301178;a.a=509867565;cache=843609538;
ad.atdmt.com/i/ Frame F2A5 		0
0
rum
dsum-sec.casalemedia.com/ Frame B1C3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDekesBGPqgy7cBMAE&v=APEucNUKZDDcBo1pmGKb2jEkVAGmM-7L4BrGwzrReQ7rQh6WG_UlDY1qmH7ehminaTBMOnA1yeUtgHvAJVdWox97nwAA3v15c3v33KTfDh4_FY9e-DtNHoXxDvB7f6Dn7043G89Arm5pVfsuw2BtA_YPz7owsFogkSsrqmzikjNEU1_DEBta2BQ
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:19:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 16 Dec 2021 06:19:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B1C3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbraUc4Zw-BxkkkwsWXfVgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDekesBGPqgy7cBMAE&v=APEucNUKZDDcBo1pmGKb2jEkVAGmM-7L4BrGwzrReQ7rQh6WG_UlDY1qmH7ehminaTBMOnA1yeUtgHvAJVdWox97nwAA3v15c3v33KTfDh4_FY9e-DtNHoXxDvB7f6Dn7043G89Arm5pVfsuw2BtA_YPz7owsFogkSsrqmzikjNEU1_DEBta2BQ
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:19:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 16 Dec 2021 06:19:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B1C3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKUl-k9yswifyeq4d0dqUUg&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKUl-k9yswifyeq4d0dqUUg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDekesBGPqgy7cBMAE&v=APEucNUKZDDcBo1pmGKb2jEkVAGmM-7L4BrGwzrReQ7rQh6WG_UlDY1qmH7ehminaTBMOnA1yeUtgHvAJVdWox97nwAA3v15c3v33KTfDh4_FY9e-DtNHoXxDvB7f6Dn7043G89Arm5pVfsuw2BtA_YPz7owsFogkSsrqmzikjNEU1_DEBta2BQ
Protocol
HTTP/1.1
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:19:00 GMT
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b133507c-f261-4862-a456-07023595be3c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKUl-k9yswifyeq4d0dqUUg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B1C3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDExMzAzNjQ5MTM0OTE4NDg1Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDExMzAzNjQ5MTM0OTE4NDg1Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDekesBGPqgy7cBMAE&v=APEucNUKZDDcBo1pmGKb2jEkVAGmM-7L4BrGwzrReQ7rQh6WG_UlDY1qmH7ehminaTBMOnA1yeUtgHvAJVdWox97nwAA3v15c3v33KTfDh4_FY9e-DtNHoXxDvB7f6Dn7043G89Arm5pVfsuw2BtA_YPz7owsFogkSsrqmzikjNEU1_DEBta2BQ
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:19:00 GMT
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4fd4465d-f0ee-4c4e-8e07-a4b894932739
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDExMzAzNjQ5MTM0OTE4NDg1Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5819
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDekesBGOjPyrcBMAE&v=APEucNUwN14GklNJykUrsEGWfl1FJXaeaCpszCcQ6cJx-ivx0RNK8NZy9mmT4DfCpGTl1h3zU9O2_r_WRHTuv0OjZFlllSD_ALww6ojvBVEi7N4oZjFSsiuDwyQj8GCsxzxJpVSrQM2LbCQ5oklNawO1Ho7uXgdNnB_tF8_Zn5J-rWjvGJNIMX0
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:19:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 16 Dec 2021 06:19:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5819
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbraUc4Zw-BxkkkwsWXfVgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDekesBGOjPyrcBMAE&v=APEucNUwN14GklNJykUrsEGWfl1FJXaeaCpszCcQ6cJx-ivx0RNK8NZy9mmT4DfCpGTl1h3zU9O2_r_WRHTuv0OjZFlllSD_ALww6ojvBVEi7N4oZjFSsiuDwyQj8GCsxzxJpVSrQM2LbCQ5oklNawO1Ho7uXgdNnB_tF8_Zn5J-rWjvGJNIMX0
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:19:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 16 Dec 2021 06:19:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5819
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKUl-k9yswifyeq4d0dqUUg&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKUl-k9yswifyeq4d0dqUUg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDekesBGOjPyrcBMAE&v=APEucNUwN14GklNJykUrsEGWfl1FJXaeaCpszCcQ6cJx-ivx0RNK8NZy9mmT4DfCpGTl1h3zU9O2_r_WRHTuv0OjZFlllSD_ALww6ojvBVEi7N4oZjFSsiuDwyQj8GCsxzxJpVSrQM2LbCQ5oklNawO1Ho7uXgdNnB_tF8_Zn5J-rWjvGJNIMX0
Protocol
HTTP/1.1
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:19:00 GMT
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5ca471c9-61b1-458b-9495-92ad66950e2b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKUl-k9yswifyeq4d0dqUUg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5819
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDExMzAzNjQ5MTM0OTE4NDg1Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDExMzAzNjQ5MTM0OTE4NDg1Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDekesBGOjPyrcBMAE&v=APEucNUwN14GklNJykUrsEGWfl1FJXaeaCpszCcQ6cJx-ivx0RNK8NZy9mmT4DfCpGTl1h3zU9O2_r_WRHTuv0OjZFlllSD_ALww6ojvBVEi7N4oZjFSsiuDwyQj8GCsxzxJpVSrQM2LbCQ5oklNawO1Ho7uXgdNnB_tF8_Zn5J-rWjvGJNIMX0
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:19:00 GMT
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
63fe9ada-c5d6-4c0d-b7f1-10a891ca541c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDExMzAzNjQ5MTM0OTE4NDg1Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 60A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ1JWwgwIYt5XwvAEwAQ&v=APEucNWiwde4AeLySuUbIyR8cJ2qwVofZHICfyU9KxBa12VW1Thp290dhz-JWdOM427CzrgIqizMxCUvYGf8Hsq5WDT9T-qDZPuzjmfAKNWbBCH9yLRU3zy5kJT49jyvcCVJdZd6l6oKtzSNmMupA9cOq_Df10lZ21idejYOXC0_iL20uf_2n2A
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:19:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 16 Dec 2021 06:19:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 60A3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbraUc4Zw-BxkkkwsWXfVgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ1JWwgwIYt5XwvAEwAQ&v=APEucNWiwde4AeLySuUbIyR8cJ2qwVofZHICfyU9KxBa12VW1Thp290dhz-JWdOM427CzrgIqizMxCUvYGf8Hsq5WDT9T-qDZPuzjmfAKNWbBCH9yLRU3zy5kJT49jyvcCVJdZd6l6oKtzSNmMupA9cOq_Df10lZ21idejYOXC0_iL20uf_2n2A
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:19:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 16 Dec 2021 06:19:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 60A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKUl-k9yswifyeq4d0dqUUg&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKUl-k9yswifyeq4d0dqUUg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ1JWwgwIYt5XwvAEwAQ&v=APEucNWiwde4AeLySuUbIyR8cJ2qwVofZHICfyU9KxBa12VW1Thp290dhz-JWdOM427CzrgIqizMxCUvYGf8Hsq5WDT9T-qDZPuzjmfAKNWbBCH9yLRU3zy5kJT49jyvcCVJdZd6l6oKtzSNmMupA9cOq_Df10lZ21idejYOXC0_iL20uf_2n2A
Protocol
HTTP/1.1
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:19:00 GMT
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d5ea6f16-c6c3-44a5-88e9-aa69634aa29d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKUl-k9yswifyeq4d0dqUUg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 60A3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDExMzAzNjQ5MTM0OTE4NDg1Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDExMzAzNjQ5MTM0OTE4NDg1Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ1JWwgwIYt5XwvAEwAQ&v=APEucNWiwde4AeLySuUbIyR8cJ2qwVofZHICfyU9KxBa12VW1Thp290dhz-JWdOM427CzrgIqizMxCUvYGf8Hsq5WDT9T-qDZPuzjmfAKNWbBCH9yLRU3zy5kJT49jyvcCVJdZd6l6oKtzSNmMupA9cOq_Df10lZ21idejYOXC0_iL20uf_2n2A
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:19:00 GMT
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d67d8b99-4673-43bd-86f3-bd660cee6e14
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDExMzAzNjQ5MTM0OTE4NDg1Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame A363 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BUnnoayVRkXI0Sw5Ui8tBVqzQFEQVezVdV6FPtEP4PGLl79QHnUc9mmCkGsmnNpLoMrsz7aC1s6h2A8G7XIXEgE07IuYM3EbZTPQYLQ0_FWTzWJcDx1wwaVWI5o4XL7SvesrhYRW2_j8mMxBXR-nVBM37blA&cry=1&dbm_d=AKAmf-DX8cb7le7q4qCQN71tzWlOLmC3nZjLMDD8XPnCN7Yj3WH7cWunGAOQr3OACRx0Y5ZyGSQBAVwtQMd8IhbPHl3HGK_cvH56PD50tLRB5U3tjegk2szqCeQ0th6R7qxj2oFcAdoPzbQjwiILiwJ9zEE0s_bzAZyC31lXREqcJJuYF9VfWP_fXhysaEC4B0STs2plN99K1QCMQn1z05B_nDylKAQtTkXaWg5BTIkXNa3rLWlLRmRo4qNNlIhjSQ26bAVxkn04m8ldX2GhIFDVkBG4XBuwI7hIc9QVBo31NfOo4hS2KvWFGDBdh9PnWDdwnkZD6aQiox7xeRCJw6MI4jPbJ712rEU-RDoeuvQDr_W6VSLWjwRGlAafNb-F8LLqyVTEDxLbnY_e0TCuDjwR3BchiRTtBJ2gpI_xMf_PBeJuJDS-ru9Ianu_dDZXURkhYgEoep7xsNYv7BjdHK3HFA86aEtZFw4hgqNIQFODS0lqn2L138SMq3rGCn3Xk6RHOIxT1HqSkj5VI9nFvzqvf2xk2QXFcusWDhvTft1gg3tqMe-JicFlGeFjOnASuu0XMevOQjLF9b2xBxih8xmUIAZoGGp4IWivJlxjcrlEVc70Z-ByCqgmcBzIgXh0R09F_kZf2wxEXRdGyE-oT-k3fUrah099UnQOQ8C6XFpFhob-bve49MJYOKiKf89lZv4v7tuGRlmApkIi7JxwqZkEf_jrDTc769Zv0GkNYzPcWdE3l9AbQx0mw5R9Cc74UhPU1yOkRgRs1ki7GSf1Pe9SU2FPjVb6pCCwVmZuirIqodNJ-7NQGqNQHcl1o_9jEIC-lN1kU_nSZapXGahQ35y1sRhm6MDBN2pk5xYWBx7sdy9b-UMVWwKEAeJPRYM740g3HpJzPJIv2kg2yNm9KtF4b48yQa2kpJRCwfoGuaZxAtdvXBnW50LXEdLIdc5t1l71xwgfY6aQoahR0KtJajjDAPECiSGnMjAvsIdgx5Ul3KSjTq__qr2M6-5TGxgyyF-MKA8wBNDQIuH8iuTHOuAvFAtKrwk8GbfaZADKEifkz_oTOZ60L9XXdy8Yv1BYIQoRMPNacwPzg59Z1WTyQoyXrYeqHRuBTgs1OgjncfTSyLY74PWhCmoKYD4lNXuxnoQlDHfBNn5uFmpUsiVCJ0TI_GUDcpyw3nplwnBmN0ARn_SHMPacbkCf7EjwVMXJ8GqhGmD9UYJaMHXPbrsduwCeuSZJMRkLR8sxcG90TJL3DZhW-gfm98hIwVeKZM4ujc6eEoqijzDoq7kZ7duBOC_mrXkla4UuMje-ecgu_sEznI_Aaf3qwuP0xcErOu5l2BD0XQ-wUtn5I-8-dOOJxSEmFZNC94MhbeBgES7DgrMBFXD0OrDTDH0JQ38r0HZ6eJ-4mLMlJiScbEnt2Cpu-g_2tm6aIwXldnOCr3Ryy9uFBPbeaHHRQPSj1HH_hkFWO1fq-Qsx5lBkE5MMmKJP-AeLcrxCK81Cd1D2iQZWxkIprOqT5AekRCt-zk-BL0qTzBw1FBLMuJz88pHIDMGtNsnWPyPt-gAj4T1f5mQiaEnyrAXGq6CciKtZdN2xb8rlyyMgQm0tzvfcNxQXduDY9h9KalZsLrKMq9FCiTDhxwzGciYqenQj0G18xD9WmE69l92e338n8hI7J4h-5z8fsw3VbFM6mgHseF4LiR98iSFOYrU_hT4tF1Q_CqWtF_DWcRodrdIErJeIxWy_rziH0iilFwwd2SX8QVpWieHJULohEBfZQ2GTAmHghbpd-PMt9t7yFKSLA_3a1Nm_2wRtyT3LHV7NO9XfwQ7cWIqkl8Bt45Jnba4YeYbhT8Xi-1hhTOmYD2w1sN-G3PfqfbCSq1WPZpo1k0O6L1heHcJDIVOOu5wjCQpw1natbJ7PwDu78RBOSeTFGVcwOvp114RdMk9EanKcKLq54uB9d6h4OXQP0KeixoeICwK1TF-A3f7yir4o5a2sW52DiduJCgRsez-HSiQ7ZV981C13bC6Voa1AzXwxLi7Bisk0u0kenMrAPemG4jYaJPaKd5dSmxRAHMQWBjxlwTWqsZM0ataVhTOoskQZlTmmL_eDzZcaJMN_Uu4kqFUbsQsY7O8oULEw1a66sPkF7Vdc6LrDqTc_xSs_oCZVaRAG7sZ4lpYWObgcsZyCoRMEeSZAQdquFP4TyPO7FPQM9Y19sGNRAAqDghqr2gmOhoN7GhB8AIUByK55r39-yRN_QpaTZqA8ocSNUK3UDH8Hf8PPqZC2MeOVHvJVyi4umGAlSPF0GyNB0aaEc7EaIbfTC6uYZKEbrIHk-EYa_4AZx88znXkcRkwRQcdTD8PeJQHl08t1jEshzaqZcyzhUa2q_wRKxh3Mew2ClDI7oO1oWUCLHf9d3ZNeEdbxpL_-qdO1S76Dn-Xs7WpGdUHBVnpCcfwn5KKQ9H8Mdn88jzD0C4QjqkYbHg-Feo6sKhK2Rykl50LgyLsfrnJbm0SpDDmvgdloH_ia15wjTUaa9gIGOXtlkzU3MN4YV9cSh6IzXNVWkCiwdDuilhnEWE_wo5Vonwu_7nLAQncNP0TyiYrBTSLqDmRJu0Mn7Ptavp1opzmQq7Ft94mZoAbzREvLCqmGZaKFOkNldMmoqQMcocyIuvuH4nwoGnkHtLEDhHPlTDQvvHxubu4X0asf2DuQqDmSbj1jGvPvqPF3qLhOLRDqvI6Ov51OTyRFMhDK0ZvVZYK3XVErwbSHy7mTYtteDgDrJ_78s8glUqwcWXuyKbbLeIUC3X02eVYq2piol4MdwmM01QwOWqDTOCnCTQUOI4OdFve99z9s8KVT98e8joFK-8OTHx1ZajDWTnJ7Trr8x2gIXJbjLa0Uwp70oxs4N8dpdhGH7czK6MbsJ6ErrxJ-i60EGzBNIAlMMilIYuj3g6U0d9uvTlL0XC0Bc_26VafMF1NEkrobK0-vwjG9dRhlo36E-O_Iz92faBVDC_7SVUVA4cQHMjNBiOSeXfbcfau_894ujH_iI801pS9Nteq6exWMa3E2o8iVw-xCj6fph-hTvBSMw2jcr-t7zIOHNKbcM0Zd6CF2h2jeQa3fiBgGJGYgnpMCYAHaW1LDr8mCWqAeGdLa6JEEqmlKdHg4Hd2I3Pdc3Lifct7ZoHW746M-V7nW37-xJ5iZWdVs0LRvdJYmyeczCXf_06qki4rqSWT98dBk_QFIg6_bxtWzg4g8gqHccNwNAxP-P9BpwdAgrvR6DtGSmJAMZOAo4zQgKL74JQQ5Nbui3Mv6O2WyzRXtqj6JNj92I8qsUI9mYCrKGFfjONLqCm95GI8CG9rgsOJbSVQj&cid=CAASEuRofSA57zkT0eZZVoBOh791kw&rfl=1%2Chttps%253A%252F%252Fnationalgeographic.grid.id%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9516
x-xss-protection
0
server
cafe
etag
14328493792227503680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:18:44 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A363 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BUnnoayVRkXI0Sw5Ui8tBVqzQFEQVezVdV6FPtEP4PGLl79QHnUc9mmCkGsmnNpLoMrsz7aC1s6h2A8G7XIXEgE07IuYM3EbZTPQYLQ0_FWTzWJcDx1wwaVWI5o4XL7SvesrhYRW2_j8mMxBXR-nVBM37blA&cry=1&dbm_d=AKAmf-DX8cb7le7q4qCQN71tzWlOLmC3nZjLMDD8XPnCN7Yj3WH7cWunGAOQr3OACRx0Y5ZyGSQBAVwtQMd8IhbPHl3HGK_cvH56PD50tLRB5U3tjegk2szqCeQ0th6R7qxj2oFcAdoPzbQjwiILiwJ9zEE0s_bzAZyC31lXREqcJJuYF9VfWP_fXhysaEC4B0STs2plN99K1QCMQn1z05B_nDylKAQtTkXaWg5BTIkXNa3rLWlLRmRo4qNNlIhjSQ26bAVxkn04m8ldX2GhIFDVkBG4XBuwI7hIc9QVBo31NfOo4hS2KvWFGDBdh9PnWDdwnkZD6aQiox7xeRCJw6MI4jPbJ712rEU-RDoeuvQDr_W6VSLWjwRGlAafNb-F8LLqyVTEDxLbnY_e0TCuDjwR3BchiRTtBJ2gpI_xMf_PBeJuJDS-ru9Ianu_dDZXURkhYgEoep7xsNYv7BjdHK3HFA86aEtZFw4hgqNIQFODS0lqn2L138SMq3rGCn3Xk6RHOIxT1HqSkj5VI9nFvzqvf2xk2QXFcusWDhvTft1gg3tqMe-JicFlGeFjOnASuu0XMevOQjLF9b2xBxih8xmUIAZoGGp4IWivJlxjcrlEVc70Z-ByCqgmcBzIgXh0R09F_kZf2wxEXRdGyE-oT-k3fUrah099UnQOQ8C6XFpFhob-bve49MJYOKiKf89lZv4v7tuGRlmApkIi7JxwqZkEf_jrDTc769Zv0GkNYzPcWdE3l9AbQx0mw5R9Cc74UhPU1yOkRgRs1ki7GSf1Pe9SU2FPjVb6pCCwVmZuirIqodNJ-7NQGqNQHcl1o_9jEIC-lN1kU_nSZapXGahQ35y1sRhm6MDBN2pk5xYWBx7sdy9b-UMVWwKEAeJPRYM740g3HpJzPJIv2kg2yNm9KtF4b48yQa2kpJRCwfoGuaZxAtdvXBnW50LXEdLIdc5t1l71xwgfY6aQoahR0KtJajjDAPECiSGnMjAvsIdgx5Ul3KSjTq__qr2M6-5TGxgyyF-MKA8wBNDQIuH8iuTHOuAvFAtKrwk8GbfaZADKEifkz_oTOZ60L9XXdy8Yv1BYIQoRMPNacwPzg59Z1WTyQoyXrYeqHRuBTgs1OgjncfTSyLY74PWhCmoKYD4lNXuxnoQlDHfBNn5uFmpUsiVCJ0TI_GUDcpyw3nplwnBmN0ARn_SHMPacbkCf7EjwVMXJ8GqhGmD9UYJaMHXPbrsduwCeuSZJMRkLR8sxcG90TJL3DZhW-gfm98hIwVeKZM4ujc6eEoqijzDoq7kZ7duBOC_mrXkla4UuMje-ecgu_sEznI_Aaf3qwuP0xcErOu5l2BD0XQ-wUtn5I-8-dOOJxSEmFZNC94MhbeBgES7DgrMBFXD0OrDTDH0JQ38r0HZ6eJ-4mLMlJiScbEnt2Cpu-g_2tm6aIwXldnOCr3Ryy9uFBPbeaHHRQPSj1HH_hkFWO1fq-Qsx5lBkE5MMmKJP-AeLcrxCK81Cd1D2iQZWxkIprOqT5AekRCt-zk-BL0qTzBw1FBLMuJz88pHIDMGtNsnWPyPt-gAj4T1f5mQiaEnyrAXGq6CciKtZdN2xb8rlyyMgQm0tzvfcNxQXduDY9h9KalZsLrKMq9FCiTDhxwzGciYqenQj0G18xD9WmE69l92e338n8hI7J4h-5z8fsw3VbFM6mgHseF4LiR98iSFOYrU_hT4tF1Q_CqWtF_DWcRodrdIErJeIxWy_rziH0iilFwwd2SX8QVpWieHJULohEBfZQ2GTAmHghbpd-PMt9t7yFKSLA_3a1Nm_2wRtyT3LHV7NO9XfwQ7cWIqkl8Bt45Jnba4YeYbhT8Xi-1hhTOmYD2w1sN-G3PfqfbCSq1WPZpo1k0O6L1heHcJDIVOOu5wjCQpw1natbJ7PwDu78RBOSeTFGVcwOvp114RdMk9EanKcKLq54uB9d6h4OXQP0KeixoeICwK1TF-A3f7yir4o5a2sW52DiduJCgRsez-HSiQ7ZV981C13bC6Voa1AzXwxLi7Bisk0u0kenMrAPemG4jYaJPaKd5dSmxRAHMQWBjxlwTWqsZM0ataVhTOoskQZlTmmL_eDzZcaJMN_Uu4kqFUbsQsY7O8oULEw1a66sPkF7Vdc6LrDqTc_xSs_oCZVaRAG7sZ4lpYWObgcsZyCoRMEeSZAQdquFP4TyPO7FPQM9Y19sGNRAAqDghqr2gmOhoN7GhB8AIUByK55r39-yRN_QpaTZqA8ocSNUK3UDH8Hf8PPqZC2MeOVHvJVyi4umGAlSPF0GyNB0aaEc7EaIbfTC6uYZKEbrIHk-EYa_4AZx88znXkcRkwRQcdTD8PeJQHl08t1jEshzaqZcyzhUa2q_wRKxh3Mew2ClDI7oO1oWUCLHf9d3ZNeEdbxpL_-qdO1S76Dn-Xs7WpGdUHBVnpCcfwn5KKQ9H8Mdn88jzD0C4QjqkYbHg-Feo6sKhK2Rykl50LgyLsfrnJbm0SpDDmvgdloH_ia15wjTUaa9gIGOXtlkzU3MN4YV9cSh6IzXNVWkCiwdDuilhnEWE_wo5Vonwu_7nLAQncNP0TyiYrBTSLqDmRJu0Mn7Ptavp1opzmQq7Ft94mZoAbzREvLCqmGZaKFOkNldMmoqQMcocyIuvuH4nwoGnkHtLEDhHPlTDQvvHxubu4X0asf2DuQqDmSbj1jGvPvqPF3qLhOLRDqvI6Ov51OTyRFMhDK0ZvVZYK3XVErwbSHy7mTYtteDgDrJ_78s8glUqwcWXuyKbbLeIUC3X02eVYq2piol4MdwmM01QwOWqDTOCnCTQUOI4OdFve99z9s8KVT98e8joFK-8OTHx1ZajDWTnJ7Trr8x2gIXJbjLa0Uwp70oxs4N8dpdhGH7czK6MbsJ6ErrxJ-i60EGzBNIAlMMilIYuj3g6U0d9uvTlL0XC0Bc_26VafMF1NEkrobK0-vwjG9dRhlo36E-O_Iz92faBVDC_7SVUVA4cQHMjNBiOSeXfbcfau_894ujH_iI801pS9Nteq6exWMa3E2o8iVw-xCj6fph-hTvBSMw2jcr-t7zIOHNKbcM0Zd6CF2h2jeQa3fiBgGJGYgnpMCYAHaW1LDr8mCWqAeGdLa6JEEqmlKdHg4Hd2I3Pdc3Lifct7ZoHW746M-V7nW37-xJ5iZWdVs0LRvdJYmyeczCXf_06qki4rqSWT98dBk_QFIg6_bxtWzg4g8gqHccNwNAxP-P9BpwdAgrvR6DtGSmJAMZOAo4zQgKL74JQQ5Nbui3Mv6O2WyzRXtqj6JNj92I8qsUI9mYCrKGFfjONLqCm95GI8CG9rgsOJbSVQj&cid=CAASEuRofSA57zkT0eZZVoBOh791kw&rfl=1%2Chttps%253A%252F%252Fnationalgeographic.grid.id%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 11:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67708
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Dec 2022 11:30:32 GMT
csi
csi.gstatic.com/ Frame 33CA 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kx8knzzi&c=6396223262968&slotId=3198111631484&qqid=COeA8a7W5_QCFfvAuwgdC9MEKQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4001:81b::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 33CA 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 17:56:19 GMT
x-content-type-options
nosniff
age
44561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Dec 2022 17:56:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 33CA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 13:39:48 GMT
x-content-type-options
nosniff
age
491952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 10 Dec 2022 13:39:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 33CA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CRugGUtq6YeePOvuB7_UPi6aTyAKeoaGuXKH56P6fA8CNtwEQASAAYLuGvYPQCoIBF2NhLXB1Yi03Nzg0MDM0MDYxMjUzMDIwyAEF4AIAqAMByAMCqgSEAk_QFH1HLhQJxoMwD0-JrqwB3whFU3NFKRNFZz6tQu3VGQyHvDfVELiLELnwRgWJ2fdqHPrf6AD7kPL2TvL3Tt3nd5-ddoE3QmjVHOhrXE7sTcK3Q-lJHGIHe926K1FlhOdlPo66DadbNr-XWgQDMfuxwbeKu6tE1lXg3CWzlbNAOX1mpSHfuqBojf6s0RxfGDxQjDmiMAseJHEnYuOKl-WPhlDeTBVd5Tqy7ips_bKWliqYfnYoxWBK2dl6vOjeIO6iinb3X1mRVq9NI7Eo-BZgm4_ve0XKvvBAJF5N0_G6akYmoBqwwsqn-mg6R5x-6DPXhcHdbu1sWnJI9mm-vrYXF0Vx4AQBgAaZ7NuJ9Immyc0BoAYqqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ&eventType=clickstring&clientTime=1639635540471&ai=CRugGUtq6YeePOvuB7_UPi6aTyAKeoaGuXKH56P6fA8CNtwEQASAAYLuGvYPQCoIBF2NhLXB1Yi03Nzg0MDM0MDYxMjUzMDIwyAEF4AIAqAMByAMCqgSEAk_QFH1HLhQJxoMwD0-JrqwB3whFU3NFKRNFZz6tQu3VGQyHvDfVELiLELnwRgWJ2fdqHPrf6AD7kPL2TvL3Tt3nd5-ddoE3QmjVHOhrXE7sTcK3Q-lJHGIHe926K1FlhOdlPo66DadbNr-XWgQDMfuxwbeKu6tE1lXg3CWzlbNAOX1mpSHfuqBojf6s0RxfGDxQjDmiMAseJHEnYuOKl-WPhlDeTBVd5Tqy7ips_bKWliqYfnYoxWBK2dl6vOjeIO6iinb3X1mRVq9NI7Eo-BZgm4_ve0XKvvBAJF5N0_G6akYmoBqwwsqn-mg6R5x-6DPXhcHdbu1sWnJI9mm-vrYXF0Vx4AQBgAaZ7NuJ9Immyc0BoAYqqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 33CA 		29 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BEPYJqGheBFRpGs9zUhdlJRsnzCVoSCbPT1QuiRYV_bEPpcOSXohgP28LJ3PCDRMHrqpiPq_tjNrJpdlSFFfH_kuGQQQ&dbm_d=AKAmf-BQzqZrj_056bhMSgJ5wyxLnTUpv5JMQsTSjZ8W_i-VCYOZW54C_PD_zqORlngk1F1SotbY_MLJiE31o8vUCDVJY9ZEo_IzTCJG4h5ZuY5M4lNffKCvsQaYlfsR37K0CZfUYBhKR4wGVrdleaodb3CtJ2Jg-wO0MiUpi2co4LiZ0w9XwX0tjn1TC_jkZ1hHSdmkQG7gqXreHXN1PNRdV2HSfhWpWlDUGpRZ1tYTAhdsPn8N9_Z_IS7LLYEq7w7wjZMsale7I7fsWC2DNt53ZV9QPev8pQjSt0hL7lJid054k5uVpppXo9ktDBPgC8xO5fOSi7tVI0ewvbn-ZCS9tJ5xnN9HvX5I6nuIdaHkM53NwgvDCRIXoLOFkpeKDrFDY1Rxl2FM2bCYIgKnaFKeoGTWTMiiakSibQ3P05r13j--Gla_vBk2qGGq_3OYovsWnMA6sQFXHFGPQcxNR4sopgc7UCivnDWnqLJzVlAH-piFnXd91EKnKI8cbcgQmSjHNgBALL4mMu6I3bzWZRgFHAH8MWtqQl8a6KThznhALVWu2296zMzUWWgXDpWyZaK9uI_Q1Ac9WFJ7oI0tO4Wb5aTRg8LFvoJ86GxtV92L34VhcWPpKM8cBWPUJ4vPEbWii7MqlBVSjHhXh-LCmk0gI8fn-AAxQppoa4B2vyHXWuYtmNDcTMJzJ_7Qc6JiUDAxTCOgQleKMH9MpapdrfqdO3L8O06F-7SSGo9fmTI2E2GV4bRmzXe4gNQNnJGPQMefGtbdU1KGQOOtYwA4B3XUDs8mRcAfgZ4ZAvE0-_cFxzT7lV2w9sqiw67lR1iW1KgD1DnPsEyslW_LRsCwcK7GC8NElFxC78CsR3tgh3xzFlDsyRIWrSGiXi2mt98nqfHLS-hzXKbbAYp4G02vVPynoVPDLXectjkybzNOiN9bxKBLUCAi31mEJddZNctayeIDJtUK0we47taB_y3D5qfXfiTlX_JPg9mIjaTRxPrAMvt4MOKedsFqTC4XefxhbVRfzls9eyCPJ0WaGIrZeLTeIDkzK9NzXE7nYEyI2hmX5XuXhcL0JW4_j2WSnPAZnsPakxLkq6ekH_05YftxcooQg4TnkJJnmPGjjQfnzKWfSoLFRYX3N62rXUzliWiNzEOxUPXC0tjGMVS9LVvQNVC784-42eQltmP3yJlxEnZdz6ObFFYJBst8XzJUQeuAcx65iAMiiywyIDY8E-OIqOhB7JYm4ECr17eFEIrCOABUgQJpurMwaM3u8WcOYQ0_gD-keKWKaubldRLmMMEDtC5nuH2M1T-xxrr1DscNEYQ35Ukf0nBBfIFCeQkPp5Mbe8pxxUhPijqzvcXkVqwmgwM_Bm1KSD5hWe25G_1eAAe0jq2U9gNKhFgxfbZddVHlAhOPYzt3lC_kihZUCtx0wZh2MgVMJpEfQkrHdx7ImMxV3j7AogLZLdbAdRA_oRjjvfHE0K2pG5tOMcCOi8X4qpJGRAgDIkulSH0m2iUsEIX49VVCF0jZT3VO5SnXh-evTUatKkmDecMXgK8r3yYKzBXwuwbuFJuqf2tEeHxj0Dd_3qnVTnYLcREOycac8etoo85iVy1bH1Y2M6wMYB2Ss9yMdbwzasceDp9hB6QvIdgkv0NuYsyF9zTBRhQLBgOm_H7PdgjyEzcYqlKtrrWizmUCVk--T8_EecDO13QpHFJfQBDpOQCqKOIpZSONu1-xt7qXNvTV1RXdO6YoZaKEArA2VBkLk_4Mk27OPo9K2xREVDXLphsTBiqFh9Xw2ldu4IsHjwvwmQ-TGe3wZc7u-olHwNqR1PuL1YI2XFHCLiuo9MgT78Pg2To-Dw1UgQaOn05kEOgIMGTgmJqLFKwd_fpzOGO3OLMn4wRVcKUojLPwD2SlR949Zajok8JVNTV5xqhrxAIcrTmB7LeGF0NNR8cs2dZIX6IBQdACWuw2aJFNoiJQmy1j6ddUKlVh0zSlKObSUKeLp9H8VQVL-1NiLDNDpYTIYJSUS40KGe2TXkog_CY7hp7JQjaAlqmGFRQdzC47dTu6q-2OHEZHTUWgfeIZf9M-Refi0dlLFgAdETZI6GP9B-qn33zwcfVPHLBwtI3H62yOEglrSEq0yEHKFN55paI51hO9-lNkBFebXHWmlcAp1INWKlecwy3JRISL1pEK1qPTGvrZnlVdOcc_0yfgaQXnjulAqtcotwU1ICzQOK2l2xuSaMG4T42OBuGx8QeXxaoMxc2py6ZxBAcuvuZkOSpkJ5nq0jweXkUxs9qGTqerHnlfg_VMxpxiKhVR0Ps1Tw8gRCb5_U3FbSuobm00BqK055eRQxw6475S-XY5T7VleLexetH2dEia641-Xj5WkgCvQF7w8R5uEsqUdYhGZlolHmBHwdWYskodu92Ri8Tn_TKuF2ljmRve7q456ybGZB2IPa1WJ9fQmFYK59PO6IzXkmtumYpNszUgkXJ55jIuQg94q5vBuzPH5Z8knWQnRGyAq91ks6zjBYX3fYd_4OFyMNdkJkLYNVJm1-G2TnxonucRXfIs1eXbHJI_z2jEKC4kbsVXk_bxJdHal5mQN9julbJMrNedGSiHSceXIeDp0n1pqcQm1jZZPd0mhpRMxljiAf2exTM_QFoXvc0la9n5j3rV2x0BcOi8CFwPzoKo1MwwWHtPLDt2n7K_d359_NQSrFH-YlOCHV7eBlaULHipNgNzSIQo1TMNu_kUxGUX0U5Vaua6NmpkLmOnTXbimkZRRBCyNToAAORkIL7YPj8LgXHIiO2Htfpu8_flmZk71ugClt1lZtj5oaS0H_P47kGuFqcIBdRX-Gd2lalmK0G5kVLDiIpEGnEbkohIfjvxLMNoehLEj0lMaIciNk3EeEw5SOudCsbTejkXD295VUBKRa85HyAhOladRhny9sv6ehXAq08eyVGwnxoD6E2ZTiMJtkC4yuXAxoJzKZ9oFZmqVDfaEGXORUL8reEGXSZf9CN81K5OfOyBTzLkrHl4RfeOTAOARzt7g9dEm6flM9oRNeDUjofUM1B_gRo4Pxti09FmIL2GGz5--Quivsitqek5jqLxsCa187i9xGxoKiWtlOqTQbMGdpP71uxKyk-fIJLbUQYtapvPMsNr38bfyyRdXOk2hWJKmUzGyrDt7tdzYcECMt3wRgrMtI2bom6mroCAkQii6MDMlWDdDAOc3kFVf8QsK-qIbyQJJkSwF_TY9DnzJaouZIi0xJR6nsY9XcwUj2Jnix25fXwq-elHwHbeRVz9Yt-r8CiX1PJO4Vi9IHQI0aW9P-WBd53nC2ho2NyPqw2J6OF0lDZ_U84Y5DU7Nftv&cid=CAASEuRoxdNRQdiAUz_4Zf07WY2Ong&pr=13%3AYbraUwAAAADKWe1Unto5396s8yPppKMAjKQlOw&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f154.1e100.net
Software
cafe /
Resource Hash
ad95a98c621ef30d7d56b0ecd39fdf31bf0e1bb26a7fbfc8a84ef82940abe61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14166
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 33CA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cjtk-Utq6YeePOvuB7_UPi6aTyAKeoaGuXKH56P6fA8CNtwEQASAAYLuGvYPQCoIBF2NhLXB1Yi03Nzg0MDM0MDYxMjUzMDIwyAEF4AIAqAMBqgSBAk_QFH1HLhQJxoMwD0-JrqwB3whFU3NFKRNFZz6tQu3VGQyHvDfVELiLELnwRgWJ2fdqHPrf6AD7kPL2TvL3Tt3nd5-ddoE3QmjVHOhrXE7sTcK3Q-lJHGIHe926K1FlhOdlPo66DadbNr-XWgQDMfuxwbeKu6tE1lXg3CWzlbNAOX1mpSHfuqBojf6s0RxfGDxQjDmiMAseJHEnYuOKl-WPhlDeTBVd5Tqy7ips_bKWliqYfnYoxWBK2dl6vOjeIO6iinb3X1mRVq9NI7Eo-BZgm4_ve0XKvvBAJBxP8mNq49RMGIjNGyjeJ6ICUJb64R3PQA4nFzCs5mxk7rsSNNyv4AQBgAaZ7NuJ9Immyc0BoAYqqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzc4NDAzNDA2MTI1MzAyMBjRwxE&sigh=KCbjhPZtQMY&uach_m=[UACH]&cid=CAQSOwCNIrLMmMKmmactHKRamHbK8CLYIc-GC-D_pDzuwbsnC4FhVLIf5osh9SoEn_DpmFzvtlsoYvUslLRlGAE&vt=10
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EC7A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 16 Dec 2021 05:53:44 GMT
expires
Fri, 17 Dec 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
1516
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 33CA 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98fdc3dc9e9d5836958f6e74ff1affdbacb433bf68443c7b373207508499fb2c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame D94D 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
Origin
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 23:38:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24048
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Dec 2021 23:38:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame D94D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CtuorrYAHa8PTL9yIF0wVAluBcktcg0YW1RG8ZbWjIwQHJqoXZjHl10B4CSvyFX2xCOdD7A2z1GCTAZDz_su2Ljlh_lZlyVMt3L9CKFjXXB224v-9w2ae9YxqeEdVKg9z3i1Osm3VDSW66rvpfy23JljNu-g&dbm_d=AKAmf-BcuTTbk48qHOC3eyZsg3p5zFkGBXrFgORntONhcc7HWtLFbuWJ4MW5SJqKZR1ux9KrkeeuDd2CY4BxARdlLkC_GkJqtUtlp9aZSlN7u0MxvaeNAoJ69IeEQEYXnnCs5LRNuqWftxU9ZKBbADK4f84YU6eDSu7_gk8istnP5TOZcMJ_QFSSXgGWtSqofkekXJiXPsQ-ANuDdIZFNKaRWKVipw6t_KWtCvadNQUVosiqNUQYtyM_ak4xNpBgwgxdlg49u0vjIuZySodA5zxm_nTdp1LBdDzxlMi65TwEe2bfOMLbHDKyESzKhp2aaOsR0niS8gUi9XgQ4KpC_0kgBmhnDS1mSwWTAYli9LRzWjQ1bbkV4UXK7zr4Lv5zo9L4_qufWYWhRQa6VaqFo3PbQYZhWtwG5tCzFpfd8ah0gCjzpWmFvK77iCQMXuOadh9nowm6JmgRQD1nBOyvHfp8Ax4VXtcmQMjalMVwH9x-Q8fGzryVUwiNZDYMYJf5YGI9tkPGtyaezwFBpij33-JZHIdTWaDyzzbQiU_zteEGmAgloymqYV1XggLl9vw1qSl12_GEgiuwX3Q5nkZkHDxI-oZfTHaDIxMDym1NhkKQLCWwbvt6DTQP4E9diVhVSY4Oro_lWhEi-Gx-ToCiDFnOOeRzgm1Xni4Ixt1YWMjU4wuSJLxl337sx1d1RG-3PF9K_4z8Q4eISrWX1NIsZt_cx3IUOpXhsOXE_1HFWz9CTfSE6MLhAijR5RuUjlMM2lM3TFVa3w9lmBcbmC7qWgRtYre84Cltw7Rnyihw2Yk_WskcxNg8vi9GitiFJBkj9x8YjPSQiplXyrbxmH6X2Fqa4kCjEGg5X9Zabcaw73Y2z2gH2aNZ7KPt_GF_uukt5rZh7WxffF9K9t5UhVV35n1ht4_XUyRiQqYEJcoLHXmMHCMAqGVMFE3Qa0lHg-yTMGNAgUovSQlEVIsrKwcQZXiI6N51BxrE7GpQhqJk5GbE7rY6e__Z4GIEX0WboHw9iTyDgbGM8i6kE-v78itDMq05vp5MjiC1b_DUcUU8-LIBl8MgIY1BvYQG5o7Scnzg6NkyhbkI1vX3cqnPrxgliwQIHuiGqAqVhbvMe6vu2vloBOCmZxTuAtv47wvYmcjFLdt_x_sG-dQfDGoULPg1tkOEvvM6Stnd4lcrNZQ4sy_NpHP3ENS2CKXbqQKhbGfDPG_IMLcSnYSfQWaef80ydcAJ-N8ea5Ne9PCr-GmYSXIO1s4fp82dGH7T-tY9CyN0N8ECA6GrMEWA-9CSeIcUqO7SG2kDMNmqauxqPT84aKdvUFmTMgU9t3mrCDKOx1QhPJF6eJhRQhF2t5bo262RlQDKW94NEIo-2fLbadi4bH22MMIw_AO4hy5Yj_tqWTOvYbZqmSXWG424oznvrzSBGqq6eLwb2b9cTmAu8Qc-wMVuZ87tk3mRHzml1DgSNeRZclF5mUDOxxyOkVyPzJ2JkYk2d-5BrMYwmLqgOYv0WtvN33RTHSV-TiKO30g68HSMcbNyXp5xdYZeYG-cCMNDF_RLHcF8vI6EPlLporDYAMyubd4IBg3jI7Xi9WGgge-mfjSBWwPNYV3jAMhoos3U9t_1CyHwq9rNyI7N8k0lfPaveXYOuWmeDqiz--wN_vI7Va3mp6BSmSzjwPEjk8JzHtglw4gudjorsrxzsm6SCl3K1v_BRWy7qQcg7lvQvGKCsgZuKDM-bt4PdEOvaVlxsrmg0m6fVPZhywdgb3IjjCQMykaM0vZQZSTCZrs6LUgpOUGwgzYSm5SL1ypQf4k0F9glQ3cmu_DeHTLKbob16xyNVpnBP3PPGyVFAnspM5TN0gzMOVx_fLcvvpdJlxHiidOy2dxZV_II1pY9XTDnYNyZ2IlFPX2ffg-YGUAeNA6ZDC4CpQcsJR6G5MVM8Tga3TsKMw_eQXAywpzX39am0t5a_-ZxcCbu7Xe_WzqCWqV_7c64fDLrH-ZyY340XYQ44u_rvyDEKve5nYs8WPklMSn2RKsTtd_lPbBK1oKRtqxhzn2tMNglU-5RoKxTgnATrCydvmUTkwRB_WJcAyzTuFn8hFhn2Nv5FAk4xUtcmeD1IRmgGeBkCba-v-WzW1krsfcnXab50Yf2bMsaitSp7XBW9hl94OJhG6ou_Ha1IoUmof8f022wJupK96J_sh8Xd9XBiccWE10quDPr7AVcSkhEdl_fLsCWNURUjhRUgDucqinLUNdUI4XxrbIkZDhgv51paO5gusDRy18icwxYiEAeWouh3J61JZJbDw3CR2mYWOYc40C0hZ6VKzUtrj4JOLkJsGQt0D0e-hbldQ9hohq1PDdVm2iDuddf9RgxVajzeLFiyprJp9gjB_KQotLvOUVgP7qCdOY05ONNW5F6k_As8M8WDhzJ97oSRsDRHCCbWRv7uJLSu5jbQKxlZdrRAsjLqJlOPCNGlgEggxqg4dnLSQqo-uO0El2IVLaJ7xKZEqv7mruvXranqlU9glqeeSzKLs3lMd4Q-gh4C3kHpPodqr7rXIaJ__013GRW72S0hQ2c7ZERuFjtNkFvITZ4NYiNHWPt2wVIbxxmF2lziWfLKxURY_oRnRK7OiVyfVv2WcXtIBHUGFIgRkD6H7sLAw3Ouhg-HCHls0yCdWvFLeLQdKmHm8niJysjhrSLXn4EKXwDpnPN6z_7JjYm1loCsfdeLff3DBoa67U5Gcd65jTo_mHFJVm6-0w4UVU1D083RzKkuSFryXaPwmriYYH93fezUP9TjnRv0kEuREi7uQP_8N1N9SH8zFVi_W9kUCXL8tctDV0MkmkSieqQ3z1Js-jYfJDQliiIOLFD9U5m_e-j1FLtsftbzoDGy2ntbmtZ01YFFz4kIaiVqn5jwCusmkLChFXAXJbRGnV7VI0uUo5fhJA6AT-3UuJe4h4DcV9X4k1SQBC8CjBwL7PelqN6ly6XzX5yYseC7iDGtcJdOn3oU_BB33IkDKZ4ApkII9dDFxsOztS4PwTVOJlkO8ayztobARu2x9bEfFcSFcWajPnDU7ZabcWG0t3hP2DOH533tWitfBA4XwG2vJtEGfmQoDI0hO5jh12yrBWOctB6etKtVNv9KKXAv3R3lSB-QfHYbYJepo--sYfKgrx2uvBok9Crl4j1cxC0s2vo1-J2tqzmu1IH-yKMzfuF6l990l2388xf4630ciyWNmrUI1b32ql4zJC7KNvOCsx6_Bcm4Ju8ZNFnuCfUAxCWZRwlSCxzJXAwMK-PAnhiJmha-TVcQkoRKp89jlc1UKH2eGTJRvzpngL5j4WaKPHH57apZJJttGa2iZjeHm_8&cid=CAASEuRo4Z4wohg87glMA0MlUP3Arw&rfl=1%2Chttps%253A%252F%252Fnationalgeographic.grid.id%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:16:32 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame D94D 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CtuorrYAHa8PTL9yIF0wVAluBcktcg0YW1RG8ZbWjIwQHJqoXZjHl10B4CSvyFX2xCOdD7A2z1GCTAZDz_su2Ljlh_lZlyVMt3L9CKFjXXB224v-9w2ae9YxqeEdVKg9z3i1Osm3VDSW66rvpfy23JljNu-g&dbm_d=AKAmf-BcuTTbk48qHOC3eyZsg3p5zFkGBXrFgORntONhcc7HWtLFbuWJ4MW5SJqKZR1ux9KrkeeuDd2CY4BxARdlLkC_GkJqtUtlp9aZSlN7u0MxvaeNAoJ69IeEQEYXnnCs5LRNuqWftxU9ZKBbADK4f84YU6eDSu7_gk8istnP5TOZcMJ_QFSSXgGWtSqofkekXJiXPsQ-ANuDdIZFNKaRWKVipw6t_KWtCvadNQUVosiqNUQYtyM_ak4xNpBgwgxdlg49u0vjIuZySodA5zxm_nTdp1LBdDzxlMi65TwEe2bfOMLbHDKyESzKhp2aaOsR0niS8gUi9XgQ4KpC_0kgBmhnDS1mSwWTAYli9LRzWjQ1bbkV4UXK7zr4Lv5zo9L4_qufWYWhRQa6VaqFo3PbQYZhWtwG5tCzFpfd8ah0gCjzpWmFvK77iCQMXuOadh9nowm6JmgRQD1nBOyvHfp8Ax4VXtcmQMjalMVwH9x-Q8fGzryVUwiNZDYMYJf5YGI9tkPGtyaezwFBpij33-JZHIdTWaDyzzbQiU_zteEGmAgloymqYV1XggLl9vw1qSl12_GEgiuwX3Q5nkZkHDxI-oZfTHaDIxMDym1NhkKQLCWwbvt6DTQP4E9diVhVSY4Oro_lWhEi-Gx-ToCiDFnOOeRzgm1Xni4Ixt1YWMjU4wuSJLxl337sx1d1RG-3PF9K_4z8Q4eISrWX1NIsZt_cx3IUOpXhsOXE_1HFWz9CTfSE6MLhAijR5RuUjlMM2lM3TFVa3w9lmBcbmC7qWgRtYre84Cltw7Rnyihw2Yk_WskcxNg8vi9GitiFJBkj9x8YjPSQiplXyrbxmH6X2Fqa4kCjEGg5X9Zabcaw73Y2z2gH2aNZ7KPt_GF_uukt5rZh7WxffF9K9t5UhVV35n1ht4_XUyRiQqYEJcoLHXmMHCMAqGVMFE3Qa0lHg-yTMGNAgUovSQlEVIsrKwcQZXiI6N51BxrE7GpQhqJk5GbE7rY6e__Z4GIEX0WboHw9iTyDgbGM8i6kE-v78itDMq05vp5MjiC1b_DUcUU8-LIBl8MgIY1BvYQG5o7Scnzg6NkyhbkI1vX3cqnPrxgliwQIHuiGqAqVhbvMe6vu2vloBOCmZxTuAtv47wvYmcjFLdt_x_sG-dQfDGoULPg1tkOEvvM6Stnd4lcrNZQ4sy_NpHP3ENS2CKXbqQKhbGfDPG_IMLcSnYSfQWaef80ydcAJ-N8ea5Ne9PCr-GmYSXIO1s4fp82dGH7T-tY9CyN0N8ECA6GrMEWA-9CSeIcUqO7SG2kDMNmqauxqPT84aKdvUFmTMgU9t3mrCDKOx1QhPJF6eJhRQhF2t5bo262RlQDKW94NEIo-2fLbadi4bH22MMIw_AO4hy5Yj_tqWTOvYbZqmSXWG424oznvrzSBGqq6eLwb2b9cTmAu8Qc-wMVuZ87tk3mRHzml1DgSNeRZclF5mUDOxxyOkVyPzJ2JkYk2d-5BrMYwmLqgOYv0WtvN33RTHSV-TiKO30g68HSMcbNyXp5xdYZeYG-cCMNDF_RLHcF8vI6EPlLporDYAMyubd4IBg3jI7Xi9WGgge-mfjSBWwPNYV3jAMhoos3U9t_1CyHwq9rNyI7N8k0lfPaveXYOuWmeDqiz--wN_vI7Va3mp6BSmSzjwPEjk8JzHtglw4gudjorsrxzsm6SCl3K1v_BRWy7qQcg7lvQvGKCsgZuKDM-bt4PdEOvaVlxsrmg0m6fVPZhywdgb3IjjCQMykaM0vZQZSTCZrs6LUgpOUGwgzYSm5SL1ypQf4k0F9glQ3cmu_DeHTLKbob16xyNVpnBP3PPGyVFAnspM5TN0gzMOVx_fLcvvpdJlxHiidOy2dxZV_II1pY9XTDnYNyZ2IlFPX2ffg-YGUAeNA6ZDC4CpQcsJR6G5MVM8Tga3TsKMw_eQXAywpzX39am0t5a_-ZxcCbu7Xe_WzqCWqV_7c64fDLrH-ZyY340XYQ44u_rvyDEKve5nYs8WPklMSn2RKsTtd_lPbBK1oKRtqxhzn2tMNglU-5RoKxTgnATrCydvmUTkwRB_WJcAyzTuFn8hFhn2Nv5FAk4xUtcmeD1IRmgGeBkCba-v-WzW1krsfcnXab50Yf2bMsaitSp7XBW9hl94OJhG6ou_Ha1IoUmof8f022wJupK96J_sh8Xd9XBiccWE10quDPr7AVcSkhEdl_fLsCWNURUjhRUgDucqinLUNdUI4XxrbIkZDhgv51paO5gusDRy18icwxYiEAeWouh3J61JZJbDw3CR2mYWOYc40C0hZ6VKzUtrj4JOLkJsGQt0D0e-hbldQ9hohq1PDdVm2iDuddf9RgxVajzeLFiyprJp9gjB_KQotLvOUVgP7qCdOY05ONNW5F6k_As8M8WDhzJ97oSRsDRHCCbWRv7uJLSu5jbQKxlZdrRAsjLqJlOPCNGlgEggxqg4dnLSQqo-uO0El2IVLaJ7xKZEqv7mruvXranqlU9glqeeSzKLs3lMd4Q-gh4C3kHpPodqr7rXIaJ__013GRW72S0hQ2c7ZERuFjtNkFvITZ4NYiNHWPt2wVIbxxmF2lziWfLKxURY_oRnRK7OiVyfVv2WcXtIBHUGFIgRkD6H7sLAw3Ouhg-HCHls0yCdWvFLeLQdKmHm8niJysjhrSLXn4EKXwDpnPN6z_7JjYm1loCsfdeLff3DBoa67U5Gcd65jTo_mHFJVm6-0w4UVU1D083RzKkuSFryXaPwmriYYH93fezUP9TjnRv0kEuREi7uQP_8N1N9SH8zFVi_W9kUCXL8tctDV0MkmkSieqQ3z1Js-jYfJDQliiIOLFD9U5m_e-j1FLtsftbzoDGy2ntbmtZ01YFFz4kIaiVqn5jwCusmkLChFXAXJbRGnV7VI0uUo5fhJA6AT-3UuJe4h4DcV9X4k1SQBC8CjBwL7PelqN6ly6XzX5yYseC7iDGtcJdOn3oU_BB33IkDKZ4ApkII9dDFxsOztS4PwTVOJlkO8ayztobARu2x9bEfFcSFcWajPnDU7ZabcWG0t3hP2DOH533tWitfBA4XwG2vJtEGfmQoDI0hO5jh12yrBWOctB6etKtVNv9KKXAv3R3lSB-QfHYbYJepo--sYfKgrx2uvBok9Crl4j1cxC0s2vo1-J2tqzmu1IH-yKMzfuF6l990l2388xf4630ciyWNmrUI1b32ql4zJC7KNvOCsx6_Bcm4Ju8ZNFnuCfUAxCWZRwlSCxzJXAwMK-PAnhiJmha-TVcQkoRKp89jlc1UKH2eGTJRvzpngL5j4WaKPHH57apZJJttGa2iZjeHm_8&cid=CAASEuRo4Z4wohg87glMA0MlUP3Arw&rfl=1%2Chttps%253A%252F%252Fnationalgeographic.grid.id%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9516
x-xss-protection
0
server
cafe
etag
14328493792227503680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:18:44 GMT
rum
dsum-sec.casalemedia.com/ Frame DA22
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY_ufptwEwAQ&v=APEucNXupUaxnwGd6-pnDZ_aMgfTBEs2ueCGw3DtBK6-prwK0wDbwPiqHQ11g_FbY-hxEU4AhKCgEkx5z_W-DoZYKQGgiXXxAIeybHhnSBv8DVBwglpUm4U2ds3vODp3WF5wjSsucML7HL2R9383CJbfqATDxfMO3ABGVNcKBh9JzPVSAdDT25g
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:19:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 16 Dec 2021 06:19:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DA22
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbraUc4Zw-BxkkkwsWXfVgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY_ufptwEwAQ&v=APEucNXupUaxnwGd6-pnDZ_aMgfTBEs2ueCGw3DtBK6-prwK0wDbwPiqHQ11g_FbY-hxEU4AhKCgEkx5z_W-DoZYKQGgiXXxAIeybHhnSBv8DVBwglpUm4U2ds3vODp3WF5wjSsucML7HL2R9383CJbfqATDxfMO3ABGVNcKBh9JzPVSAdDT25g
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:19:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 16 Dec 2021 06:19:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECvpIp66cqb9r7WwrgBirVc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DA22
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKUl-k9yswifyeq4d0dqUUg&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKUl-k9yswifyeq4d0dqUUg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY_ufptwEwAQ&v=APEucNXupUaxnwGd6-pnDZ_aMgfTBEs2ueCGw3DtBK6-prwK0wDbwPiqHQ11g_FbY-hxEU4AhKCgEkx5z_W-DoZYKQGgiXXxAIeybHhnSBv8DVBwglpUm4U2ds3vODp3WF5wjSsucML7HL2R9383CJbfqATDxfMO3ABGVNcKBh9JzPVSAdDT25g
Protocol
HTTP/1.1
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:19:00 GMT
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
76fba8b4-5ed6-490d-b4cb-2515afb6fb74
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKUl-k9yswifyeq4d0dqUUg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DA22
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDExMzAzNjQ5MTM0OTE4NDg1Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDExMzAzNjQ5MTM0OTE4NDg1Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY_ufptwEwAQ&v=APEucNXupUaxnwGd6-pnDZ_aMgfTBEs2ueCGw3DtBK6-prwK0wDbwPiqHQ11g_FbY-hxEU4AhKCgEkx5z_W-DoZYKQGgiXXxAIeybHhnSBv8DVBwglpUm4U2ds3vODp3WF5wjSsucML7HL2R9383CJbfqATDxfMO3ABGVNcKBh9JzPVSAdDT25g
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:19:00 GMT
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7f6b556c-9b35-4554-b844-94b58b02b2dc
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDExMzAzNjQ5MTM0OTE4NDg1Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 3544 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
daa2e640368b2d588d5401a524142e62fceef1a3fa74000c6a80c0b2581cc9c2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 16 Dec 2021 06:19:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60402
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9699
Expires
Thu, 16 Dec 2021 23:05:42 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 1878 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYQ4nWSv5LmU2wkfQ1fvYDj5wLBG3ikMVijTVgJtWWosagAPWwVpd9aSw4tQdVy2_E2-a99jAP9AoNALsLjXdbo_f6EkiTaF4ay-QavA3AjkCz6bQ18Lu0FTTirNQaYY_27JwattkWjM_b1SgWb0_NhCQgmA&cry=1&dbm_d=AKAmf-BeFVh0NE9OnlMHcBXlFTIOUUBQUw_-nC59qkCC-z3dA_4BdRMCW-wu8GqGIrvuipQVjzWH9izpgu_EV-MuG6IHUF27EQ-9GhcFvpGHv_8x2QqkD-xNwaeNXHLMM4x8OTu8Jk1M_3lmIlo16RjIj_j9I3NDqx_nDOkWm1mLNBITNAPK7FHjzIr24gkXEPFv02eE0U2HIRRDEwajfJSzMG6lh3Kb8_repGenRaeF66S03pLdeGJ1dyUPIlvBHTRcwuFQvGs6NkHd64FoLjcEF2JgGlXwnYg9BmoWNr4Wfjm2qs5irildxyxIXq5tq3SCSJx76eMQa5Zkjy2wviIJXblJTML70zwfpuF92lzRieeBXpZWa3VyQfH19MaP9H-z8doAeVIphv3bfc2XSPUWpCGbtbancxl7AASaYZOdsbaMQoXsjgppmeEOBB3rL92Gs2Tnteru9H0yqmb4FHgcG8F6OkUeM-R04nGOHXwuZ03wPW2cXTqgKo5D1hVAD8_EboDeKpQBu1yjCncyzZ6bL9zKZSP10EPznPsfdEeeGJXOkEU3hFA-RDVImjU2IQ-ZX-vGWVxHxgr16vOSRyVa81KFnAn8RVovUIfMPSHB9v6t9TTaiz3mTQj7V27XlwP53nGTAsudNmDnN3n0238drEXhiQ65MXUgrqYH-AVrtltNqDTLa6h_VdrDWpBRoSqpPt32ZL--t1hjJbH3CnJMyBB0_ElTLfyNye5RfY0hSawQytD2MdkPxN-mzvfWZ9g3ybgloWW5zbuwj4W6RdtFPkU-R1gfD5eM8hULNwwxSYNCDtaSofrlzlp1Yho0zVpmUqrUb_f6b9vrHv1IUBIaUGw6ZdD2YZna-pAoo4ibYsBL7AF0yesaHi3EZN_iqce3kgjB364ye7IGuS40zFRXpyTpiwtVIBffaKLEga_4CEY4WuNp3Z0IX7S7GZK3A_gU60T6xdxNWNFh-suwyOfgeGTQSr6NUBcz03wOSy6DLkrjlXe32BWe4ceEVDei1BSQiEFf-6sEddPP4hNUGekl-mdTUTypUZp0AjAnmDZkMgzZ3t4CIgqAkoX-aVYoGFt4NKP7iYGBoPTeUiTB5aSxhycyNjXosybLc9rM1VBKLk_ePbxfIngsoh0r_fmDWpbREkLm_VRH9lTtuPVbX1OoHEf7HP12TXoXaYVHBTAVvf0oHkLvQ6RVh2q9E4CXXoc2XlYTvied1EgCZdilN_7beZyKv5bmm4rDaTCTSVAzZiosl8cL9oJiqtrzq9ytFyJW_3Y0sra8zVGDG7QewZe3ujD2qncVEzCUe3uHI0p5EtjqsRCellawZ4sfiSHr5fHeRP0TnjYxNIR6vnEmOoUJnohm0DjHA7xUIQAVKLePO24iwWT9iIpWVwYovzOUvC7xVeu_EJuJ0R0Iid5xXopE2OkORrV0128Ka61K12X7Hx74i_7v2C5mw--BCPaVsdgM-V-46i8RRVTdCELlvvK4CtUhllH1EYkiuiI-1-J7vq_-ESEE3DdCkhVVulEZhYOb70vS3yKDHXOhyl1kyo_z_ek7Rn2lX5UZMVnBcf_qx_NkgMJx8TY_PGjhQbqaAXfM1iXoUNF2X5qqbTasQaQzTrzugAFix24pfNjwVkQoMUhQ0UTrZehI0d1J5eIqZSCo61a7EIC_rSRdnHosD1AbE5VN9nbqCznOnqsL-j377HQxs-mxLTgkD8YEQFr8VPE1iKn3yFASSjUxd75s4fWGNCey7TsQCiyJkwj8Hfa5LYnyZghgW1YhVUhKUsCLJLuyvF_FQZ-HLuxU2B4k10PKjUeAf2uflM6ZXr1OeCq4EQx_9up6QgF7NY4EJpBIOkGZmVHcmlFLN0h5Ng3BR7weWWMeFF4t7F-q87L9FGH86sgShR9mDxWl9OU-DSoGmvP3SMTXmkVYMLyd3_GxzT5MjDyp-pT2B-AA8MId_AbvT9v2Q80kFaf1ymnPiMDhq-KFFboZarm6__Dy-NW1p29xIFFzKzfuxiEtZHCwNDht7DYH4oVg0h7gXT13ypTkluaLcSn6dvrrAfyIiRAcRTXpeOvoj2mJpVRAW_9SpyPaESo5KZi6cgsosEfXJ1Nn4DL9pYwdTRGePChEzNXU0dnPteOlDjeUXXuZNlNHTTGWONYuD7ghQHrdk1gFrEpPm7O_auatBWiuKPJKCJVdzHCgxXjBXMfguwYqivEN4Np15Bb6q-xpmBUZmmTzYl3JJc4dSv3jUTLerkkFj_0RjxpDxSvO5FzCC2s8TtKnEYXl37MMr7Wl9kLBK6bExYOW1HupJcPDn6Zn2zozt6pe-uMe1-5X_owbIPSdze4TU9zq-qTvKEPyRO7JRe7CYvRKnXoZJoPwnx_UOlnDvSyqumGUiC_OpaaWwtdpfYr5rCwjxug5NjfuUFoeWklaBOk22oQETS8697U4FP7yKMYyrMGQLv1yPAnHeHe6rhtj_boQFSUQHhXaP9N2QsV8xWjwOjLheweS_drig55PGOkJ4fxFr8uDmqzTtUQOBNVSIq_c2VIz54WT6Fmy7cS_-Kp6OGNeSO3Xm8DpynJZmWvQHlDdS73QHw1-U9g914iCrdnhN82Jv3SV9MDo7a2c_7LRSibdMEXYpR6vVLtztTlae7pO9oVpmbH4FHc_8F_Kc_VaE-FGUd9zOACtfZ5INjHpAgbPyRVpT5RLsVBoe95nA_VgsdVv0EWgSvkWdSrn8hk4KG8Dgi3xpxRQwibXC-Qdo2X1JwUrtcPYP-CREo4g2RgjS9F1LY2yzIcBpRRE2s_iKuXtUgNw-HR-7inwd15DsEwFJFiATbaqYOMAETCWLH9e4i_oIgyHfgD5PQ8yjGTwDXlsbILqTLe9bKTlq5Ph0w_3vcHNSgKHfjW7Sq0vrsLxeHgzFbirDm8CzFNSrhq4B6mh3eSVNHf8XFy99Tc1k4vJB2_58BYh7HYlASEDzZAEiDzP6RPRV_X2Wzg0SUPkq3ONndfyc7eNBE8I5mYCMO0eMOo-F0OJwE74OOMJiirPE7kSWlf2bsdhZgOzn-mSMZNi2rcfqTEGwiEWV_NfM_eUdcg0-wuGjgs_29Z8XnmQ0akd23-6Z-AmRYYDYUpWl-qS2ECSi3FD3CuXk11AclMQtO6y_617ryjITbCWLQiPn3AGocKt4jbd1j_j386hKzZvrs3AUAzNja0GjtUFVsWoAu5Ti8xSXbDYMhnKMvtltenfdp74B3r4vumoiX9hp3FV8VQjK0O1bTNq-IS9fFTfvxgTP_tPj4YLCJCicn7ZFsb5DVRFi-gc1hcPyg813-ENQkjzCHOhWJIyHTRhKjFslBXk5HM7&cid=CAASEuRo7VVAohsyDiFoxGqg0uqDYw&rfl=1%2Chttps%253A%252F%252Fnationalgeographic.grid.id%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9516
x-xss-protection
0
server
cafe
etag
14328493792227503680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:18:44 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1878 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYQ4nWSv5LmU2wkfQ1fvYDj5wLBG3ikMVijTVgJtWWosagAPWwVpd9aSw4tQdVy2_E2-a99jAP9AoNALsLjXdbo_f6EkiTaF4ay-QavA3AjkCz6bQ18Lu0FTTirNQaYY_27JwattkWjM_b1SgWb0_NhCQgmA&cry=1&dbm_d=AKAmf-BeFVh0NE9OnlMHcBXlFTIOUUBQUw_-nC59qkCC-z3dA_4BdRMCW-wu8GqGIrvuipQVjzWH9izpgu_EV-MuG6IHUF27EQ-9GhcFvpGHv_8x2QqkD-xNwaeNXHLMM4x8OTu8Jk1M_3lmIlo16RjIj_j9I3NDqx_nDOkWm1mLNBITNAPK7FHjzIr24gkXEPFv02eE0U2HIRRDEwajfJSzMG6lh3Kb8_repGenRaeF66S03pLdeGJ1dyUPIlvBHTRcwuFQvGs6NkHd64FoLjcEF2JgGlXwnYg9BmoWNr4Wfjm2qs5irildxyxIXq5tq3SCSJx76eMQa5Zkjy2wviIJXblJTML70zwfpuF92lzRieeBXpZWa3VyQfH19MaP9H-z8doAeVIphv3bfc2XSPUWpCGbtbancxl7AASaYZOdsbaMQoXsjgppmeEOBB3rL92Gs2Tnteru9H0yqmb4FHgcG8F6OkUeM-R04nGOHXwuZ03wPW2cXTqgKo5D1hVAD8_EboDeKpQBu1yjCncyzZ6bL9zKZSP10EPznPsfdEeeGJXOkEU3hFA-RDVImjU2IQ-ZX-vGWVxHxgr16vOSRyVa81KFnAn8RVovUIfMPSHB9v6t9TTaiz3mTQj7V27XlwP53nGTAsudNmDnN3n0238drEXhiQ65MXUgrqYH-AVrtltNqDTLa6h_VdrDWpBRoSqpPt32ZL--t1hjJbH3CnJMyBB0_ElTLfyNye5RfY0hSawQytD2MdkPxN-mzvfWZ9g3ybgloWW5zbuwj4W6RdtFPkU-R1gfD5eM8hULNwwxSYNCDtaSofrlzlp1Yho0zVpmUqrUb_f6b9vrHv1IUBIaUGw6ZdD2YZna-pAoo4ibYsBL7AF0yesaHi3EZN_iqce3kgjB364ye7IGuS40zFRXpyTpiwtVIBffaKLEga_4CEY4WuNp3Z0IX7S7GZK3A_gU60T6xdxNWNFh-suwyOfgeGTQSr6NUBcz03wOSy6DLkrjlXe32BWe4ceEVDei1BSQiEFf-6sEddPP4hNUGekl-mdTUTypUZp0AjAnmDZkMgzZ3t4CIgqAkoX-aVYoGFt4NKP7iYGBoPTeUiTB5aSxhycyNjXosybLc9rM1VBKLk_ePbxfIngsoh0r_fmDWpbREkLm_VRH9lTtuPVbX1OoHEf7HP12TXoXaYVHBTAVvf0oHkLvQ6RVh2q9E4CXXoc2XlYTvied1EgCZdilN_7beZyKv5bmm4rDaTCTSVAzZiosl8cL9oJiqtrzq9ytFyJW_3Y0sra8zVGDG7QewZe3ujD2qncVEzCUe3uHI0p5EtjqsRCellawZ4sfiSHr5fHeRP0TnjYxNIR6vnEmOoUJnohm0DjHA7xUIQAVKLePO24iwWT9iIpWVwYovzOUvC7xVeu_EJuJ0R0Iid5xXopE2OkORrV0128Ka61K12X7Hx74i_7v2C5mw--BCPaVsdgM-V-46i8RRVTdCELlvvK4CtUhllH1EYkiuiI-1-J7vq_-ESEE3DdCkhVVulEZhYOb70vS3yKDHXOhyl1kyo_z_ek7Rn2lX5UZMVnBcf_qx_NkgMJx8TY_PGjhQbqaAXfM1iXoUNF2X5qqbTasQaQzTrzugAFix24pfNjwVkQoMUhQ0UTrZehI0d1J5eIqZSCo61a7EIC_rSRdnHosD1AbE5VN9nbqCznOnqsL-j377HQxs-mxLTgkD8YEQFr8VPE1iKn3yFASSjUxd75s4fWGNCey7TsQCiyJkwj8Hfa5LYnyZghgW1YhVUhKUsCLJLuyvF_FQZ-HLuxU2B4k10PKjUeAf2uflM6ZXr1OeCq4EQx_9up6QgF7NY4EJpBIOkGZmVHcmlFLN0h5Ng3BR7weWWMeFF4t7F-q87L9FGH86sgShR9mDxWl9OU-DSoGmvP3SMTXmkVYMLyd3_GxzT5MjDyp-pT2B-AA8MId_AbvT9v2Q80kFaf1ymnPiMDhq-KFFboZarm6__Dy-NW1p29xIFFzKzfuxiEtZHCwNDht7DYH4oVg0h7gXT13ypTkluaLcSn6dvrrAfyIiRAcRTXpeOvoj2mJpVRAW_9SpyPaESo5KZi6cgsosEfXJ1Nn4DL9pYwdTRGePChEzNXU0dnPteOlDjeUXXuZNlNHTTGWONYuD7ghQHrdk1gFrEpPm7O_auatBWiuKPJKCJVdzHCgxXjBXMfguwYqivEN4Np15Bb6q-xpmBUZmmTzYl3JJc4dSv3jUTLerkkFj_0RjxpDxSvO5FzCC2s8TtKnEYXl37MMr7Wl9kLBK6bExYOW1HupJcPDn6Zn2zozt6pe-uMe1-5X_owbIPSdze4TU9zq-qTvKEPyRO7JRe7CYvRKnXoZJoPwnx_UOlnDvSyqumGUiC_OpaaWwtdpfYr5rCwjxug5NjfuUFoeWklaBOk22oQETS8697U4FP7yKMYyrMGQLv1yPAnHeHe6rhtj_boQFSUQHhXaP9N2QsV8xWjwOjLheweS_drig55PGOkJ4fxFr8uDmqzTtUQOBNVSIq_c2VIz54WT6Fmy7cS_-Kp6OGNeSO3Xm8DpynJZmWvQHlDdS73QHw1-U9g914iCrdnhN82Jv3SV9MDo7a2c_7LRSibdMEXYpR6vVLtztTlae7pO9oVpmbH4FHc_8F_Kc_VaE-FGUd9zOACtfZ5INjHpAgbPyRVpT5RLsVBoe95nA_VgsdVv0EWgSvkWdSrn8hk4KG8Dgi3xpxRQwibXC-Qdo2X1JwUrtcPYP-CREo4g2RgjS9F1LY2yzIcBpRRE2s_iKuXtUgNw-HR-7inwd15DsEwFJFiATbaqYOMAETCWLH9e4i_oIgyHfgD5PQ8yjGTwDXlsbILqTLe9bKTlq5Ph0w_3vcHNSgKHfjW7Sq0vrsLxeHgzFbirDm8CzFNSrhq4B6mh3eSVNHf8XFy99Tc1k4vJB2_58BYh7HYlASEDzZAEiDzP6RPRV_X2Wzg0SUPkq3ONndfyc7eNBE8I5mYCMO0eMOo-F0OJwE74OOMJiirPE7kSWlf2bsdhZgOzn-mSMZNi2rcfqTEGwiEWV_NfM_eUdcg0-wuGjgs_29Z8XnmQ0akd23-6Z-AmRYYDYUpWl-qS2ECSi3FD3CuXk11AclMQtO6y_617ryjITbCWLQiPn3AGocKt4jbd1j_j386hKzZvrs3AUAzNja0GjtUFVsWoAu5Ti8xSXbDYMhnKMvtltenfdp74B3r4vumoiX9hp3FV8VQjK0O1bTNq-IS9fFTfvxgTP_tPj4YLCJCicn7ZFsb5DVRFi-gc1hcPyg813-ENQkjzCHOhWJIyHTRhKjFslBXk5HM7&cid=CAASEuRo7VVAohsyDiFoxGqg0uqDYw&rfl=1%2Chttps%253A%252F%252Fnationalgeographic.grid.id%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 11:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67708
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Dec 2022 11:30:32 GMT
usync.js
eus.rubiconproject.com/ Frame 9BAE 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
daa2e640368b2d588d5401a524142e62fceef1a3fa74000c6a80c0b2581cc9c2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 16 Dec 2021 06:19:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60402
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9699
Expires
Thu, 16 Dec 2021 23:05:42 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3B7D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 15 Dec 2021 11:30:32 GMT
expires
Thu, 15 Dec 2022 11:30:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
67708
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C7C3 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 16 Dec 2021 05:53:44 GMT
expires
Fri, 17 Dec 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
1516
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame F2A5 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1760e24904d16ad7a68ad5f50ed81769f28a990c35563f234fda6f7d069e5f7b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
dcmads.js
www.googletagservices.com/dcm/ Frame A363
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/847999/57777490/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fnationalgeographic.grid.id%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fca80dce83465...
  • https://www.googletagservices.com/dcm/dcmads.js
9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:14:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4486
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 19:29:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 16 Dec 2021 07:14:45 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
x-server-name
app33.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://www.googletagservices.com/dcm/dcmads.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 36F9 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 08:08:31 GMT
content-encoding
gzip
age
6559830
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
oXfV3S0Frm4QfUFHLWUNX2UrnFPuuPBDJojxX2BigltxNyaQ1UIcyA==
dt
dt.adsafeprotected.com/ Frame A363 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=847999&asId=21cb7ad4-e139-178b-bb70-42f64639faa3&tv=%7Bc:wWcQIo,pingTime:-3,time:87,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:120,h:600,t:34%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:87,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~120.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C171%7C181%7C191%7C1a*.847999-57777490%7C1a1%7C1b1%7C1c1%7C1c2%7C1c3%7C1d11%7C1e,idMap:1a*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame A363 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=847999&asId=21cb7ad4-e139-178b-bb70-42f64639faa3&tv=%7Bc:wWcQIp,pingTime:-6,time:88,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:88,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B78~0%5D,as:%5B78~120.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C171%7C181%7C191%7C1a*.847999-57777490%7C1a1%7C1b1%7C1c1%7C1c2%7C1c3%7C1d11%7C1e,idMap:1a*,rmeas:1,rend:0,renddet:svg.us%7D&tpiLookup=ao:nationalgeographic.grid.id*&br=c
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 97BF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 15 Dec 2021 11:30:32 GMT
expires
Thu, 15 Dec 2022 11:30:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
67708
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
google
match.adsrvr.org/track/cmf/ Frame B2C1 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPWw2ls8ZQV_ojPUAK0uEbo&google_cver=1&google_push=AYg5qPJFqneTa58r8UvCqAZ3H1j5VWdIgJQFYkMLzZ3lVJFkjVkR7BM-lQ6whUR6xuQ9v7M2PUMr85YXWNsb2qn-yqdSlypUVHDT
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame B2C1
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEOy7Upv14Unt8Rn7QRNKh4U&google_cver=1&google_push=AYg5qPJoPjCqalTFfcHaI2gXHGVVz80ZxWCq5yxSe1wW91GH29SO2voHB3R92pnMVC2y37DpKq7eejVxCzQZ5YMjBNT7To9...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOy7Upv14Unt8Rn7QRNKh4U&google_cver=1&google_push=AYg5qPJoPjCqalTFfcHaI2gXHGVVz80ZxWCq5yxSe1wW91GH29SO2voHB3R92pnMVC2y37DpKq7eejVxCzQZ5YMjBNT7T...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJoPjCqalTFfcHaI2gXHGVVz80ZxWCq5yxSe1wW91GH29SO2voHB3R92pnMVC2y37DpKq7eejVxCzQZ5YMjBNT7To9S6tFj
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJoPjCqalTFfcHaI2gXHGVVz80ZxWCq5yxSe1wW91GH29SO2voHB3R92pnMVC2y37DpKq7eejVxCzQZ5YMjBNT7To9S6tFj
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJoPjCqalTFfcHaI2gXHGVVz80ZxWCq5yxSe1wW91GH29SO2voHB3R92pnMVC2y37DpKq7eejVxCzQZ5YMjBNT7To9S6tFj
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dds
rtb.openx.net/sync/ Frame B2C1 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEF7G8rjb-LTdXdnoqQCuTKE&google_cver=1&google_push=AYg5qPKCuXVpSV1y9QW7z9buJE-l8HevmAH4OLNxwYToJ9BfkCL1WTB1CDxVYdh1dLhrELe5XV0aGyXJ7LVaGpATjRudStrvzdJF
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
do2e6qvjds34u7koq89cenpr40mhu8e8
pixel
cm.g.doubleclick.net/ Frame B2C1
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEO3NrgsPDaoI1boNBnNXrE4&google_cver=1&google_push=AYg5qPLmnQIZf6nS9qXSjRVUtKXHq7R3i32Cdj5iC9mnYpN5fATxB3_oENv0BUuN2CGQAxW1V5LiXHkQX1fMrYGy...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLmnQIZf6nS9qXSjRVUtKXHq7R3i32Cdj5iC9mnYpN5fATxB3_oENv0BUuN2CGQAxW1V5LiXHkQX1fMrYGyi68UYIqDn_m9
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLmnQIZf6nS9qXSjRVUtKXHq7R3i32Cdj5iC9mnYpN5fATxB3_oENv0BUuN2CGQAxW1V5LiXHkQX1fMrYGyi68UYIqDn_m9
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 16 Dec 2021 06:19:00 GMT
via
1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLmnQIZf6nS9qXSjRVUtKXHq7R3i32Cdj5iC9mnYpN5fATxB3_oENv0BUuN2CGQAxW1V5LiXHkQX1fMrYGyi68UYIqDn_m9
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
H02lhdZvqnOHGbfI6p51SNJRFoHHIInUqKMKFdtFmgPWndK5x2_NqA==
pixel
cm.g.doubleclick.net/ Frame B2C1
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESELk5f0yN_te2GmNyC0llGWA&google_cver=1&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchi...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESELk5f0yN_te2GmNyC0llGWA&google_cver=1&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpi...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnp...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnp...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnp...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnp...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnp...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnp...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnp...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnp...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnp...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnp...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnp...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnp...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnp...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnp...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnp...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnp...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnp...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnp...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnp...
0
0
sync
ssbsync.smartadserver.com/api/ Frame B2C1 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEA9ZlzJTTO9-of-wDu5jhKo&google_cver=1&google_push=AYg5qPLMN_VnpN_J4JSGdY792geo03giwDRKUbWPf64hyPVJ6OE6r7cPFZnTN0iDAwPaFPUvsZuF0ypQARxdUWkfbKCib3xLXcWa
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.181 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:00 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame B2C1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPl3SFal80TAfJbdBqgbvv0&google_cver=1&google_push=AYg5qPJmKss7p5bXuPbBa3KJ-ZxyeMO-mPBgxmfalQ6NET7fbfw5OxbGc9vmhrqHcVh4uCLpIi...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1DWUpGYXJWRTJ1R3NyS3VDQk1PV1VPV0xrMWl4MHJlR35B&google_push=AYg5qPJmKss7p5bXuPbBa3KJ-ZxyeMO-mPBgxmfalQ6NET7fbfw5OxbGc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1DWUpGYXJWRTJ1R3NyS3VDQk1PV1VPV0xrMWl4MHJlR35B&google_push=AYg5qPJmKss7p5bXuPbBa3KJ-ZxyeMO-mPBgxmfalQ6NET7fbfw5OxbGc9vmhrqHcVh4uCLpIikHky4O_DOXE90hdW5r7iRXO8VUMQ
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1DWUpGYXJWRTJ1R3NyS3VDQk1PV1VPV0xrMWl4MHJlR35B&google_push=AYg5qPJmKss7p5bXuPbBa3KJ-ZxyeMO-mPBgxmfalQ6NET7fbfw5OxbGc9vmhrqHcVh4uCLpIikHky4O_DOXE90hdW5r7iRXO8VUMQ
date
Thu, 16 Dec 2021 06:19:00 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame B2C1 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JtpOfnsRa3ZYW1CzO0n09k5qX4yNnl_vuXTMz6nEZ41doWRx9sdTtNwtrK0CyJ9Wdn83pCww
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
st.min.html
apps.sascdn.com/rtb/transparency/handler/ Frame 0B95 		531 B
881 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22251183134380490846%22%2c%22adomain%22%3a%22palantir.com%22%2c%22page%22%3a%221293733%22%2c%22format%22%3a%2293800%22%2c%22crid%22%3a%225473103%22%2c%22dsp%22%3a%2268%22%2c%22buyer%22%3a%228180%22%2c%22cid%22%3a%221895699%22%2c%22adid%22%3a%22%22%2c%22hash%22%3a%22-5702588174819441323%22%7d
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Last-Modified
Thu, 18 Feb 2021 14:12:04 GMT
Server
AkamaiNetStorage
Content-Length
531
Cache-Control
max-age=86400
Expires
Fri, 17 Dec 2021 06:19:00 GMT
Date
Thu, 16 Dec 2021 06:19:00 GMT
Connection
keep-alive
dcmads.js
www.googletagservices.com/dcm/ Frame C088 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:14:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4486
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 19:29:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 16 Dec 2021 07:14:45 GMT
aa.js
q.adrta.com/ Frame C088 		881 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q.adrta.com/aa.js?cb=1639635537349
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.181.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-181-154.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
db41861e19dffee1d1349e68f5be8a6796ac209694d7b25cd52b11f6ecdf3476

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Dec 2021 06:19:00 GMT
server
nginx/1.18.0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
881
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
ssac.js
cdn01.basis.net/assets/centro/ Frame C088 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.basis.net/assets/centro/ssac.js
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
AC1.1 /
Resource Hash
52da09c9a337f4f5af7661a3b7cc2004cab74a86fdf57e99a8e81979d26d770c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:00 GMT
content-encoding
gzip
last-modified
Thu, 23 Jul 2020 17:22:13 GMT
server
AC1.1
age
29170
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2216
x-llid
c011c64525c7db7c3081ef7c5d1fe1a1
aip
eqx.smartadserver.com/h/ Frame C088 		43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eqx.smartadserver.com/h/aip?uii=251183134380517173&tmstp=6342248314&ckid=0&pubid=5&systgt=%24qc%3d1311284246%3b%24ql%3dHigh%3b%24qpc%3dm1%3b%24qt%3d78_122_7147t%3b%24dma%3d0%3b%24b%3d16960%3b%24o%3d11100&acd=1639635537330&envtype=0&opid=26d04221-71b8-45a1-9bde-7a4faf147ecc&opdt=1639635537330&siteid=363584&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=1&imptype=0&pgDomain=https%3a%2f%2fnationalgeographic.grid.id%2f&capp=0&mcrdbt=0&insid=9639798&imgid=0&pgid=1293733&fmtid=93800&isLazy=0&rtb=1&rtbnid=3727&rtbbid=251183134380490846&rtbh=6695e1415d2ebe2d8a06ccb72f0c4030d87022ee&rtblt=637752323373353367&rtbet=0&rtbptnid=68&cftgid=5dc3d2c41e76
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:59 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
aid:61bada5100c25e5b03560040;c:3.75;cid:1895699;ts:1639635537349
node-uk-aesei4.sitescout.com/smartadserver/px/ Frame C088 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://node-uk-aesei4.sitescout.com/smartadserver/px/aid:61bada5100c25e5b03560040;c:3.75;cid:1895699;ts:1639635537349?gdpr=1
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.155.71.108 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
A /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:19:00 GMT
Server
A
P3P
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
Cache-Control
max-age=0,no-cache,no-store
Connection
close, close
Content-Type
image/gif
Content-Length
43
Expires
Tue, 11 Oct 1977 12:34:56 GMT
khaos.jpg
token.rubiconproject.com/ Frame 3544 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/jpg
view
googleads4.g.doubleclick.net/pcs/ Frame F2A5 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFh1kMU4YfB4UgYtWq6Gbr3eaA5MTTr6J6eekxOApFLLUv3HRohBoxvqQPqzgjEbscT4nhnxwo0b7TQQgIUfPpDMS2hR0uh3RinAFqLsxdyUhjDtz1Gdcq6YEmVyxF2fVcKAYkMXeVtxDcDHT-cb1rJpn9fp9bzg1DwWvB2RpHcNmyDcHFsRkzgtIiZOhqaFTCS73lJR_L_b1QFHQdwM6oA2hXeYUmiXcpRuTmeHob4TAqwQPBrfga0Iot9uHhDePHH2doKStfL9bbrC6P1uDTWxG4qGWbFmccy4W1Ast_Wam7gTQTaoFNnokeQEqdGjVeGjY1Z2YBE6ZI9w5Jx3T-nj-tAKBhfUYYLlMs_5rSCMdCdog5fiQtjocJDcRpOyEV708xAM_qAvWbV2qwLOx7KPU-gu10kLBoWCXRHPQSwLVIElGgkYgKbTVi17F969G1_9uYYK63GqHvHLCdCRY-MH5sucZE8poU2PMiCoH-ZZ7XbTvQpbqwwILyAHfuG6Z1_3A6ECRGCjhbWlPVr9DWsiAwHiK3_kFL57wMuhFLIpz_NPWPKQquf2R-1kEiy40QuvV_yF7Z77ZMHjfiTKhkFKidRNVQnnKsbI1ZDmb1KyYV2kDxW9r7Wv5Mz5EmI7Qfjjb_4ffQtpbhjyAODdUpIXadHkIletw5lwrhvPVk2Vu5aroNjihLfM_wtwTBqrK3aOCMjikVEE-CeYY_vMtpY7Oe8KHMFwKZpG9ElMVm2c-x_5iqN5VHAQatp_7b2iP2RVAaJM4xGqowUlPAeFsR0itEDlIG_BocC4eREOaZJz9xlkZ7K8jwe-AvlcLIM-6zVfVXHXawi0Hffwu0zIpwoLn1sMZtMJ8I5wwDjdmMcqO7K9FYcGOXes__9wIWlV94Zo4p0BDkvNTyGtnATQOCub9mMLNwv-FpFNwCEQWoi007i8aU1MiR13GtMNW1TnYduS-a2fL6tas1bT5k8UZzfG6RhuSgcvtsejWikTUvruNmMz-RyIgR9OZ1QdYnHxH5X0gzOzXfTmGHwZL-TNHoCNll7xYdfGB2qW5UhQfjN80vsCUa2STX-hzbiRFEI25OWm1pgSAYpHWoaxxVOxjs_IJHPm-IrLIKCP2ASO9WtGKXSnkW7r722lkwKYjpr9-R6ZSPLwCCnIGCaB0E1D6VrF-ZUoO5X1UsazW9mrjfPc3s49KqZYJKkYrAUw3vNdsKO_kgT0QXzA&sai=AMfl-YQBq9bEb1zDJ1S5ry5N0z47nf-CJs9tdV0ALVcEkGJpaWgyaTCNC6cHqqVsWppXkZjKP9_5nrpo-cATBr6GxgUDzShVV4AHn2oPk8LqNE9Rwr_M7l45sZUXigSl3JDWsLTTP_jrfGPPw_6rEylNJSUjJ439iA&sig=Cg0ArKJSzB3E6-gxR5cVEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=283&vt=11&dtpt=282&dett=2&cstd=0&cisv=r20211207.92297&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Du7ypCF6zaFI7dgCKJGLfm2_0DedabRThaYwQdSzv-1-BNBvTzVp1unxm1wqMdw0Vsy8MqxWZoq2kTzYiDd42euTkB9uV29cbGEEl5aOmCchCNPwrHV3oa2oIfxq1cQjiBPU3aX6Fv3fFpCgr1CH9lBrRE8g&dbm_d=AKAmf-DtvhayCqtKI6JQKazHQ75d_cPeDsHhyIHiqOm0gLI7v9Pc5HhQgvdBn4TxPH0EVrbfu_Wo4KanQ8FlTgeNBksX6b40LCoeQOLWp13I0d_3pUYgh2sdYYQMrEoG_taOB1ipx7VKQ_DwOBWLbtW2tJrs4VUIJbpGNX63XGZEp_zRN3JmXEq1QOjFzHMFisnpQCV7CA-FWeRKxOLNW203n0dlbJlYRJR3Kt4iM7aLp2yy_sPd4XQCz8K5Ke3R8z8-8sGFTQtL0zDCiGobFmNz5amZTYXdmjt_CUaWs8Ywl8JIn60je3PZzRrYR2xI6jWSwLMVudeFFgFbicP0y51rrJrfHmI6NEaHQxGxBgvQxwc8dj0740Z1rIMdzh-wf8zYVF4RkYkM-fgtFvRVpRvJ5EmNY5pa57diomz951PTs9lEXrgj6R_rYKq_1Bt9Eiy3yvw1lDku3-vlg21znqPVKfcqqooJda4wO3_BRhQeoYUMHfD0tJHdcdwQ9U3dbuQLV99fk2vRPytgPs3oVMk7YVoOB3Qr0TFOeS3DjiulTiCn16TO4kEu6Zys4ulZDH6i-F-oLkDQ_IcezwO_ca4XPkh-YiMIdu-khvdgei6RdjxjEjCYmgkli2WP0aigELyyWA_WM2fRSUkzvPeQ99RUQgenObA5YIR_IYYQ9VxITB4DkLG0MZRxhq0EBY5Cax5QRp4DddbZzLTw5ChRGkwpteedi3nVEi_OlbQbE1QEC7pep40hJxEg2vk9Y9eQHlv0ha9V_y22Ok0whV0TNpUTFNGdYh_i0bqJz4e0vKZPQctAfLnuzUaOSf2ddnnmbYLo9Tsov0jX2VBpfFIicUOVVL_yVy4DvsK1ZUH1x7VWI5UgaoOGB7-rCzjRcKVvbEocNSmFwxScvNmAby4EsTRER0akX_aCSSBePnhcjw49N0Crc3gQhNH_AqhuDIaRjX9l7FbKLlxpVg6K41dCmtKpxUzqwV4sr64D_6tMxTSOtT_Lwgl6dmh_a7eogc3ndSrygKaI8Lrz0MxjH3g-TrrDyE610x2ObuOaa2NDpuDfYgYh5W3lCR6tSQat06PMRII4IpMcZ1TkMg3fz0aBG2Xz9VImyjyIeGx_S_9OSfUz4R7Ybdsb106VrVQzg9kS422kzAw0aAkYvgKFTGBSw8m5Jnt4l8NeCzFXEStcw89YV3dlrAgeLo4uhPhU4hd1xfXd1wpD19KEv1eSvUTEdV8iZcGYj-kVeo7DuMF9_gXYCa4ImAdvWEN8jps-PHoz6JuUOqREHoNKmtDt-c_8mn2sN9CNOtSvwnTNpcnA0MrhodN9gt7x5f7czmBQZBaO4UZB5TYVds6d7hSIFwq8JK-cbMpib1Um6WfS-sVvncggp91NlgKdtEdCa1PzFHcc_OC9e9LP1TpIKY3NYwqZi2GLASN9oreNQAHJAdDMsuyYXZ2F1g1EDxn33O7TqOVpvxp7HYC6u8cUo4oTpu5w5-TvdQv0ObJCoyS0LoqGCVbDlPSTOqLzPJpuQo3DXlWR0TDy2l1TOJk9h8UR0Bje2UUX45PrJ1wuVuu_N-y3hTSx00SiJNV2j038AQuOnNbpz0E5pnVT72R9DpppQdtvqb40VJRenckVQt3LvcQUBoaT7z4sonUtrAeZqZ_IgOcoq9iO_s9kHqez5UIyOJkMdfltgKEnLFo5Kn5_YFaepbwKzTw6lY4fACQ3kdkbSf-xIgBthNJN73o3dRySBDSWlqLEmG1BuAZNlQ8omdIGjTFclFvZGNZiiy7bCzEt-A-PJydPklOlXmFU1hOIbYc7fhCHoTLORSYwI6hxhsSGMgHfvq5x2EE25i9OT6QZsi_wvZH6blzqo8dY5GpuBDzIqGuT3ZLluYnGvAeEbTKQAH8QulC7IEn62auVNQF9EoMj3b24dsZfHdC5YQYqFqCQ7yUAZAEkWSusGBO1UCfSNwQFBh0UdTs1K5dEIz40o0qHZfv4Lnd1MRsMbJNpFpzmlMKUwV1Rs5mQt1RO1TAD5zWkL-G6SuF3UufvqHU_ebrDfikUAvT83eGw-AwR_sQmv2UVfpxkMpFmpxb8ng2N6JtDjqfvlaoMSAl9v2dI-kZtZKtFTROR0KYo1wzTGq3rYwNy45SdDJRwA3jK7aZNCRBjvVM-fxzMIicMBohWOhcUsmYckQ0sK8rzyyI1cUHOUsg4UkKf4Yotfp84u01D3DDW7e-lWcgH15QOAxlS-qc0zhpOvhK-Ga1AfZw74JaOQKGjxdGVUnCq3VSAU8fRA3__biq7NyKl5KSYjF4XFgKP9JULbTxxSgWyS1N1WLo5rLaCWPU0mDoRGWzSxN9somppTqYw0v_L5K1Tj-3hY-8T8X0n7A9fBs1vWgLdQRuhUXyAvuYiKi-ml7yZJP29V53kFRnSmPIAXNN7Vss-WbI24sPh3_GBlayvncjlOMZEuIHJVFEBqnh9ok9rhrOB8EwBCCaog91JhqfDwKPsDn_yHh6pJkTErfypd5t1S1s0PVJmFc4rFSR_Cdiczpx2Pi5lxK9-wTjEuV2b0w_yBFl897YJJiXcw4EVoeDLPSx25XEfRYsB78ypTFrEDgAGG5jUDel2TPbt-OEZsfWcin6ZjXNMlIBo1C5Xqz-va_9dAQRibylxO3MZQtE6rZNoGy-_Ow8j8ny1buv84bzTZkGlFtZ_Sx7pRW10cyUhNZNY8D9GvQL0Fo0V8O0tAQfU0pGAl9UoBvN8kWD6wy2JswIUuAOtXO9zufY1wvqLATHQAnbELVJSFUbc7THEKroV90iM8VA2i-vFEo_Fs4UJCDZfMsdHMMl2rTHo4FCQRXnNmQVUHdJ_DAuAickmwd6P2SVc8iCXRrPkXudh9eAFCIq0qO8cOLezSNfwF959IrICGzgkqJfHH7wecNjIDpP9k9IH_Es2E07sv1kiaysMXY0HmWjSAz5_OgrW5eGtZVe5YZ5jLqubkWD2RYvIOCWoOrYME9bCaW1rbigKmIiiLt_Dm0VKkF7a0GgUBFjMbLuESNAs3WUIAVigew&cid=CAASEuRoUKGGYKaRaQC0-dRk2S6dOw&rfl=1%2Chttps%253A%252F%252Fnationalgeographic.grid.id%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 16 Dec 2021 06:19:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
events.php
log.r2b2.io/ 		9 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.r2b2.io/events.php?u=https%3A%2F%2Fnationalgeographic.grid.id%2F&hbDomain=grid.id
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
185.59.208.177 , Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
webgarden-track-lb-ha.vshosting.cz
Software
nginx /
Resource Hash
a22fbb6b794cd4b81462711d7779a7163a2cd498017b25109042bb97301a3379

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:54 GMT
content-encoding
gzip
last-modified
Thu, 16 Dec 2021 06:19:00 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin
https://nationalgeographic.grid.id
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate, private
access-control-allow-credentials
true
content-type
text/javascript; charset=utf-8
access-control-allow-headers
Content-Type
expires
Tue, 01 Jan 2000 00:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame 9BAE 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/jpg
dt
dt.adsafeprotected.com/ Frame A363 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=847999&asId=21cb7ad4-e139-178b-bb70-42f64639faa3&tv=%7Bc:wWcQJe,pingTime:-2,time:139,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:115,mdZ:330,beA:535,beZ:536,mfA:539,cmA:541,inA:541,inZ:547,prA:547,prZ:562,si:569,poA:571,poZ:594,cmZ:594,mfZ:594,loA:622,loZ:625,ltA:673,ltZ:673%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:120.600,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:120,h:600,t:34%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:139,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B129~0%5D,as:%5B129~120.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C171%7C181%7C191%7C1a*.847999-57777490%7C1a1%7C1b1%7C1c1%7C1c2%7C1c3%7C1d11%7C1e,idMap:1a*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:svg.us,sinceFw:102,readyFired:false%7D&br=c
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D94D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 11:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67708
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Dec 2022 11:30:32 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2890 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 16 Dec 2021 05:53:44 GMT
expires
Fri, 17 Dec 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
1516
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame D94D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b7f16191ccee2f4100735e0c1114aed8bb65e245aa7bf923929f9631ff7f430

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 33CA 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 15:45:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
484385
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 10 Dec 2022 15:45:55 GMT
file.mp4
r3---sn-aigl6ner.c.2mdn.net/videoplayback/id/63bbe928945447da/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3782394996/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 33CA
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/63bbe928945447da/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3782394996/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
  • https://r3---sn-aigl6ner.c.2mdn.net/videoplayback/id/63bbe928945447da/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3782394996/sparams/acao,ctier,expire,id,ip,ipbits,i...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r3---sn-aigl6ner.c.2mdn.net/videoplayback/id/63bbe928945447da/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3782394996/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/81C4A935B28FCC69D097F6D894BB9D80827D0346.32B0DAFFEDB55D2716D1BCB6F1DAACB7894C3A70/key/cms1/cms_redirect/yes/mh/js/mip/2001:ac8:21:23:2da::1/mm/42/mn/sn-aigl6ner/ms/onc/mt/1639635156/mv/m/mvi/3/pl/48/file/file.mp4
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
2a00:1450:4009:10::8 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 16 Dec 2021 06:19:00 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2116533
Last-Modified
Fri, 26 Nov 2021 17:16:35 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Thu, 16 Dec 2021 06:19:00 GMT

Redirect headers

date
Thu, 16 Dec 2021 06:19:00 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
653
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r3---sn-aigl6ner.c.2mdn.net/videoplayback/id/63bbe928945447da/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3782394996/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/81C4A935B28FCC69D097F6D894BB9D80827D0346.32B0DAFFEDB55D2716D1BCB6F1DAACB7894C3A70/key/cms1/cms_redirect/yes/mh/js/mip/2001:ac8:21:23:2da::1/mm/42/mn/sn-aigl6ner/ms/onc/mt/1639635156/mv/m/mvi/3/pl/48/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
st.min.html
apps.sascdn.com/rtb/transparency/handler/ Frame A324 		531 B
881 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22239924135312065920%22%2c%22adomain%22%3a%22palantir.com%22%2c%22page%22%3a%221293733%22%2c%22format%22%3a%2293799%22%2c%22crid%22%3a%225525409%22%2c%22dsp%22%3a%2268%22%2c%22buyer%22%3a%228180%22%2c%22cid%22%3a%221895699%22%2c%22adid%22%3a%22%22%2c%22hash%22%3a%22-7471361953007977148%22%7d
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Last-Modified
Thu, 18 Feb 2021 14:12:04 GMT
Server
AkamaiNetStorage
Content-Length
531
Cache-Control
max-age=86400
Expires
Fri, 17 Dec 2021 06:19:00 GMT
Date
Thu, 16 Dec 2021 06:19:00 GMT
Connection
keep-alive
dcmads.js
www.googletagservices.com/dcm/ Frame 306D 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:14:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4486
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 19:29:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 16 Dec 2021 07:14:45 GMT
aa.js
q.adrta.com/ Frame 306D 		881 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q.adrta.com/aa.js?cb=1639635537359
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.181.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-181-154.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
75bd2c81aaaa5e6cc9aa604002e044cfe4cd5ba57389f8b9f7b070f2331fd138

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Dec 2021 06:19:00 GMT
server
nginx/1.18.0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
881
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
ssac.js
cdn01.basis.net/assets/centro/ Frame 306D 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.basis.net/assets/centro/ssac.js
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
AC1.1 /
Resource Hash
52da09c9a337f4f5af7661a3b7cc2004cab74a86fdf57e99a8e81979d26d770c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:00 GMT
content-encoding
gzip
last-modified
Thu, 23 Jul 2020 17:22:13 GMT
server
AC1.1
age
29170
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2216
x-llid
a250aae9a517aa81dd1a792441f19098
aip
eqx.smartadserver.com/h/ Frame 306D 		43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eqx.smartadserver.com/h/aip?uii=239924135312076043&tmstp=7654837480&ckid=0&pubid=15&systgt=%24qc%3d1311284246%3b%24ql%3dHigh%3b%24qpc%3dm1%3b%24qt%3d78_122_7147t%3b%24dma%3d0%3b%24b%3d16960%3b%24o%3d11100&acd=1639635537329&envtype=0&opid=c744d8b1-d55d-457b-8fad-493b7efb5229&opdt=1639635537330&siteid=363584&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=1&imptype=0&pgDomain=https%3a%2f%2fnationalgeographic.grid.id%2f&capp=0&mcrdbt=0&insid=9639797&imgid=0&pgid=1293733&fmtid=93799&isLazy=0&rtb=1&rtbnid=3727&rtbbid=239924135312065920&rtbh=3278830e88321b2b5673a8ac4888f765411c698f&rtblt=637752323373435169&rtbet=0&rtbptnid=68&cftgid=1b771188557d
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:59 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
aid:61bada51e73535c003580040;c:3.75;cid:1895699;ts:1639635537359
node-uk-raap3o.sitescout.com/smartadserver/px/ Frame 306D 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://node-uk-raap3o.sitescout.com/smartadserver/px/aid:61bada51e73535c003580040;c:3.75;cid:1895699;ts:1639635537359?gdpr=1
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.155.71.106 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
A /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:18:59 GMT
Server
A
P3P
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
Cache-Control
max-age=0,no-cache,no-store
Connection
close, close
Content-Type
image/gif
Content-Length
43
Expires
Tue, 11 Oct 1977 12:34:56 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E767 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 15 Dec 2021 11:30:32 GMT
expires
Thu, 15 Dec 2022 11:30:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
67708
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
google2waycm.netmng.com/cm/ Frame EC7A 		0
0
pixel
cm.g.doubleclick.net/ Frame EC7A
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED5165pR28dK4HfoV-MeV7c&google_cver=1&google_push=AYg5qPIu3rLASDSJbkbxIxDsspq6fvNsa-8dMi9wpntIKMYxBkWtLo4DIO...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIu3rLASDSJbkbxIxDsspq6fvNsa-8dMi9wpntIKMYxBkWtLo4DIOkRoqFm7rkdqejNavmzApF-OPriK6M-KkoX241trVdP&google_hm=SrBtIB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIu3rLASDSJbkbxIxDsspq6fvNsa-8dMi9wpntIKMYxBkWtLo4DIOkRoqFm7rkdqejNavmzApF-OPriK6M-KkoX241trVdP&google_hm=SrBtIB99pCTCjUo0IZ9Xeg
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIu3rLASDSJbkbxIxDsspq6fvNsa-8dMi9wpntIKMYxBkWtLo4DIOkRoqFm7rkdqejNavmzApF-OPriK6M-KkoX241trVdP&google_hm=SrBtIB99pCTCjUo0IZ9Xeg
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EC7A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENENUPKNImYclO2RlV2lGGM&google_cver=1&google_push=AYg5qPJdv0cYFIJNi-gNUGiT68Y0Ti1tX1k66k4kv3lotvo8qDbuNJt3xtVUD2KPUJEHZUx87X-yswHdzVn4sSxj...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=i5lhutpRQgC7wmrIZmGXvg&google_push=AYg5qPJdv0cYFIJNi-gNUGiT68Y0Ti1tX1k66k4kv3lotvo8qDbuNJt3xtVUD2KPUJEHZUx87X-yswHdzVn4sSxjfCXBkKZk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=i5lhutpRQgC7wmrIZmGXvg&google_push=AYg5qPJdv0cYFIJNi-gNUGiT68Y0Ti1tX1k66k4kv3lotvo8qDbuNJt3xtVUD2KPUJEHZUx87X-yswHdzVn4sSxjfCXBkKZk1ev6
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 16 Dec 2021 06:19:00 GMT
Server
MT3 4133 baa842e master cdg-pixel-x24 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=i5lhutpRQgC7wmrIZmGXvg&google_push=AYg5qPJdv0cYFIJNi-gNUGiT68Y0Ti1tX1k66k4kv3lotvo8qDbuNJt3xtVUD2KPUJEHZUx87X-yswHdzVn4sSxjfCXBkKZk1ev6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 16 Dec 2021 06:18:59 GMT
dds
rtb.openx.net/sync/ Frame EC7A 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEF7G8rjb-LTdXdnoqQCuTKE&google_cver=1&google_push=AYg5qPK3VsFmMMOa2-j46rqO-NaoWes6KaEq0S4VYsQLjESwF_AmjdpaJ_BpJZJJwCn7SQw-FeRNiZze_QA4t5IJdETbM3wyCpHT
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:18:59 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
nv7rdg4ib8unhgjac8ckb0n4g9hhous0
pixel
cm.g.doubleclick.net/ Frame EC7A
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMGxufMvUvVk3GL_Fb7iAFw&google_cver=1&google_push=AYg5qPIiXvgTB3R0L_U8iOQCq3zAvs9OCHPDaHj7bh7z-I2_uxKdQOocp_M4ExNF2VIJGsMlPBxEsOzFwf1zW9wn1-FDAYE6yChd
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPIiXvgTB3R0L_U8iOQCq3zAvs9OCHPDaHj7bh7z-I2_uxKdQOocp_M4ExNF2VIJGsMlPBxEsOzFwf1zW9wn1-FDAYE6yChd&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA2Mjg4Mjc4OTA5NDE5MzU3MA%3D%3D&google_push=AYg5qPIiXvgTB3R0L_U8iOQCq3zAvs9OCHPDaHj7bh7z-I2_uxKdQOocp_M4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA2Mjg4Mjc4OTA5NDE5MzU3MA%3D%3D&google_push=AYg5qPIiXvgTB3R0L_U8iOQCq3zAvs9OCHPDaHj7bh7z-I2_uxKdQOocp_M4ExNF2VIJGsMlPBxEsOzFwf1zW9wn1-FDAYE6yChd
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA2Mjg4Mjc4OTA5NDE5MzU3MA%3D%3D&google_push=AYg5qPIiXvgTB3R0L_U8iOQCq3zAvs9OCHPDaHj7bh7z-I2_uxKdQOocp_M4ExNF2VIJGsMlPBxEsOzFwf1zW9wn1-FDAYE6yChd
date
Thu, 16 Dec 2021 06:19:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame EC7A 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEA9ZlzJTTO9-of-wDu5jhKo&google_cver=1&google_push=AYg5qPIlFnwz6T0IvAOmwbsVm0x0khVksajtQ5BxSZ8il2BRarmZPUJNP7rGOXZOcbWcghxOaGXNShjoppSmm2OiVqom2BmHzwVj
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.181 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:00 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame EC7A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPl3SFal80TAfJbdBqgbvv0&google_cver=1&google_push=AYg5qPIP4FfqM-iNutSGa1P0koJ9MAqQ3LmnT0bMA4zrg2MSX7BY7CHtbjvQICR60NVckHAZdb...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1DWUpGYXJWRTJ1R3NyS3VDQk1PV1VPV0xrMWl4MHJlR35B&google_push=AYg5qPIP4FfqM-iNutSGa1P0koJ9MAqQ3LmnT0bMA4zrg2MSX7BY7CHtb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1DWUpGYXJWRTJ1R3NyS3VDQk1PV1VPV0xrMWl4MHJlR35B&google_push=AYg5qPIP4FfqM-iNutSGa1P0koJ9MAqQ3LmnT0bMA4zrg2MSX7BY7CHtbjvQICR60NVckHAZdboaDAqCAqAvRp2BPM4sIdrd1LHBlA
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1DWUpGYXJWRTJ1R3NyS3VDQk1PV1VPV0xrMWl4MHJlR35B&google_push=AYg5qPIP4FfqM-iNutSGa1P0koJ9MAqQ3LmnT0bMA4zrg2MSX7BY7CHtbjvQICR60NVckHAZdboaDAqCAqAvRp2BPM4sIdrd1LHBlA
date
Thu, 16 Dec 2021 06:19:00 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame EC7A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JGkfzc7ujZqJOoioW9YwvNRscAtk75kwBNfHSN1VM1b1osHcp3m2ASO3Mjjmmbi5JQQCMsIA
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dcmads.js
www.googletagservices.com/dcm/ Frame 1878
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/847999/57777460/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fnationalgeographic.grid.id%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fca80dce83465...
  • https://www.googletagservices.com/dcm/dcmads.js
9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:14:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4486
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 19:29:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 16 Dec 2021 07:14:45 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
x-server-name
app17.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://www.googletagservices.com/dcm/dcmads.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 2227 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 08:08:31 GMT
content-encoding
gzip
age
6559830
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
7ihpj5kP5WXYykywRSZoutOtcupL8X8JvDb_uIMKewr7nT3eb4UC-Q==
index.html
s0.2mdn.net/sadbundle/9087095035043774464/cbv_master_d2c_tacticle_html5_xc40_bev_html5_banners_970x250_uk/ Frame 90F3 		303 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9087095035043774464/cbv_master_d2c_tacticle_html5_xc40_bev_html5_banners_970x250_uk/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6eda7385b411fe168b82e1985435a9489a3ade2542099dda28ed4d2bef31740
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
date
Fri, 10 Dec 2021 11:45:45 GMT
expires
Sat, 10 Dec 2022 11:45:45 GMT
last-modified
Tue, 30 Nov 2021 14:27:50 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
41503
age
498795
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame D94D 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsun9mJtTxhSgh0PVBbL9hJupAPsWfqyg1FktxyPXFnwhPG47qEzxtzIGLXlkssUG6yLIJbkSXxPjbOEyBgK2r1zL3cBd18qPDmNkV3ThBFQlpjsWFOP7B8lGoH24j9pPjA3wTWIqsz9Z8XGWUggCMrmuzdU2Uugqr06uaBalI4lhH9jh27V49WTkS9oRVVK8a90yx3QC2JgrgUq7cMIGKC_BbQZjTIY2RL-VlWwkY0l128oCcJnFw0l83lNIHh2JcLXs_-SpifQh98ljnPVm9OJb-7V2zfW70U_7H0kMGUCFYnBFoy8M3rxjb_qqQiiaS3v9hbDOjhPzhgaSWupR0fY8OxIMKB3Ppa1sMFdZOzHwYXngYZ8Q6T5ZyaQhPf8fBlFdkg5JzSio7_e9-YQOoKLS18nJL6CdhXG_WDlmmwfOQRKiZ3Nj7t-ypWdbOA9WzEiSZoWbSDSpXYRfaurVI7S3HDEqQNCewxEN3QGxJQPwHXbRyC9VIZaD-UGNx59tHkCoUbPi4gZnB38rq0cme65xCk9HtJaGRBJsUzqbTexca9l-g5V5Yv2NitAthTgf909QU_nOPQnvaXtdlBdbrlzmfkjJmC2JvwMzOKX9o_y6n4UUTqNVvvw1FjJQK89g1mH0HEAaJrtjrAfkjbQeOZys_nEjOE--N4pjka4WisKafClMP0-j7aTn2TeczUi3qnHS1j3-hCJlbjQYQYUSwjJzKYI376Tnp14WSyEmS4wIC3522GvZEN-S9NaLF0JfDC65vI33f8Mo2YdLQMFUdFJQbLzECLNiq6u--GIYAHENPlel5B4gaZ880P3D55dfy6qqh0Xx7V-f-aig2NMpJzgahueXIbkbYOqwN-hMn6W4wtNswNPvWC8xwKA95MpoI8LEiO8-CZMa-58mv278-7ZD8240Ed7om9YYNFu8nNpcsz0meZ7l3by3uT9C8B8DorNjC8ayJniza7ItE4GEl-HOncweHetoNr36szF_iXBqzHajzPUjVGSTFEzobVCVtHX1ehmHOAk5sBrm4TL2d29YTmQYN4fOshiTOtiFXD4OdYwrmekMwix23_uyC-Z23iyYOSQvQV5bI20LbZ_-MDYOHM5zcptPRZx6FiPAlZoXShE5P7SpnoMQFosfAiFebPjpFhurgcBHJ3at8tgFgj9rAyl8iQK_EFtf8geaA4EKIUL33hS0C7KuD-3x8vtB0a322luWifwofmqore2nJt2-kcpIZmSsJQVTft2LVBhZ37E1dBNIg&sai=AMfl-YRBRu84lQnz82NaKwJSqVGVCKi8qjRrqpmpHiEePXZQcR4vAuM0LCGHoKpkwLMWtPgjKbIkVQ6OLLNNoK8HKKNd01cnA0_Wh85YefDpRjVc6zhf1FZIjfLLIvgxjaQT1RoVF7k71cLG4uYshTyHU1H7gemD0g&sig=Cg0ArKJSzLcy2QeTcGT4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=411&cbvp=1&cstd=407&cisv=r20211207.51997&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 16 Dec 2021 06:19:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
impl_v81.js
www.googletagservices.com/dcm/ Frame C088 		41 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v81.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 09 Dec 2021 09:06:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
594761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17189
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 19:28:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Dec 2022 09:06:19 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 3544 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif
impl_v81.js
www.googletagservices.com/dcm/ Frame A363 		41 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v81.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/847999/57777490/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fnationalgeographic.grid.id%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:21cb7ad4-e139-178b-bb70-42f64639faa3,c:wWcQHx,sl:outOfView,em:true,fr:false,thd:1,mn:app21ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:5,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C171%7C181%7C191%7C1a*.847999-57777490%7C1a1%7C1b1%7C1c1%7C1c2%7C1c3%7C1d11%7C1e,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:35,oid:0ea4bf10-5e38-11ec-8eeb-0aeb40f66fa8,v:19.8.273,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 09 Dec 2021 09:06:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
594761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17189
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 19:28:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Dec 2022 09:06:19 GMT
dt
dt.adsafeprotected.com/ Frame 1878 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=847999&asId=771792ce-fbaf-ed31-f743-f9726433c57d&tv=%7Bc:wWcQMO,pingTime:-3,time:107,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:120,h:600,t:33%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:107,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B99~0%5D,as:%5B99~120.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sRJBDjV+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C171%7C181%7C191%7C1a1%7C1a2%7C1a3%7C1b*.847999-57777460%7C1b1%7C1b2%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1g1,idMap:1b*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 1878 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=847999&asId=771792ce-fbaf-ed31-f743-f9726433c57d&tv=%7Bc:wWcQMP,pingTime:-6,time:108,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:108,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B100~0%5D,as:%5B100~120.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sRJBDjV+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C171%7C181%7C191%7C1a1%7C1a2%7C1a3%7C1b*.847999-57777460%7C1b1%7C1b2%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1g1,idMap:1b*,rmeas:1,rend:0,renddet:svg.us%7D&tpiLookup=ao:nationalgeographic.grid.id*&br=c
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame 7A84 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjdQf1QKx6n0R8TEtQCj6iDR8pTMpCuyh4khbTJL7NKWRtzwgTRJkrUMrPXPvhEBkVix8o4aEifnTFM3WCybEQPB3bry539WSs3QESRR2YVu-k32xPcUu0xMhVn7k9twy8p0eGQdI5U7B2MqB-ceTPRA6k2LaP84vLGoiQGEOKvkPR-vRmVWf6Gh7At9I6FGlfok878ry5NerLGrrK9e8oKh1Emut2h7VB6o1TJLCgBy8WRj6CCnESL7mXF5KslHIykXt46AybuMOkFUrE3q8F9wBeeuKnKHqsYaUpp07-jPC1AOZ3D6Fn-RTGJsiTA2IJw9FKoR5iuevnt35xvkmn&sig=Cg0ArKJSzMtoFlI9zW_lEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Dec 2021 06:19:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 16 Dec 2021 06:19:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0286 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 15 Dec 2021 11:30:32 GMT
expires
Thu, 15 Dec 2022 11:30:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
67708
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
impl_v81.js
www.googletagservices.com/dcm/ Frame 306D 		41 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v81.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 09 Dec 2021 09:06:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
594761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17189
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 19:28:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Dec 2022 09:06:19 GMT
dt
dt.adsafeprotected.com/ Frame 1878 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=847999&asId=771792ce-fbaf-ed31-f743-f9726433c57d&tv=%7Bc:wWcQNc,pingTime:-2,time:131,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:115,mdZ:345,beA:784,beZ:786,mfA:788,cmA:789,inA:789,inZ:794,prA:794,prZ:809,si:818,poA:819,poZ:843,cmZ:843,mfZ:843,loA:892,loZ:894,ltA:915,ltZ:915%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:120.600,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:120,h:600,t:33%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:131,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B124~0%5D,as:%5B124~120.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C171%7C181%7C191%7C1a.847999-57777490%7C1a1%7C1a2%7C1a3%7C1b*.847999-57777460%7C1b1%7C1b2%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1g1,idMap:1b*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,sinceFw:96,readyFired:false%7D&br=c
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 0A22 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
date
Thu, 16 Dec 2021 04:59:25 GMT
expires
Fri, 16 Dec 2022 04:59:25 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
4775
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame C7C3 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEAnt_F266YNT6TUhCbV7l5Q&google_cver=1&google_push=AYg5qPKzRwwYvVqWn4aF774KsoS-8hbvQuqV1Y8DXTjVmsF0pc3HuMas4pnsBRTha53M7mGudqlstIwOnPTKKntwHhwL197uY639
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame C7C3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPRWN-1RQWju55p-UkyfsXk&google_cver=1&google_push=AYg5qPL1gv9UQiAz7cxOCi0GnQB9d9Hrw9ui61P0nAIDudvrLfbP98Pa-VhrfaAEBemLchxpCOsDpy3MByWUyTr0HGqOc1T...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL1gv9UQiAz7cxOCi0GnQB9d9Hrw9ui61P0nAIDudvrLfbP98Pa-VhrfaAEBemLchxpCOsDpy3MByWUyTr0HGqOc1Tv11o&google_hm=NTA3NDc4NzY4Mzc5NTI0NzY3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL1gv9UQiAz7cxOCi0GnQB9d9Hrw9ui61P0nAIDudvrLfbP98Pa-VhrfaAEBemLchxpCOsDpy3MByWUyTr0HGqOc1Tv11o&google_hm=NTA3NDc4NzY4Mzc5NTI0NzY3
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 16 Dec 2021 06:19:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL1gv9UQiAz7cxOCi0GnQB9d9Hrw9ui61P0nAIDudvrLfbP98Pa-VhrfaAEBemLchxpCOsDpy3MByWUyTr0HGqOc1Tv11o&google_hm=NTA3NDc4NzY4Mzc5NTI0NzY3
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame C7C3
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FnTbRFG1QLWttSmNpBC4sg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FnTbRFG1QLWttSmNpBC4sg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK272nk5YLsrL-OpO9j-fa3hv4ZaDFee15M-c_pbAsc7WlBwMnuUQPd6yiAO7bzSBLkQGpANAIw_5MYgtZgkQ6pcGRwX2st
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FnTbRFG1QLWttSmNpBC4sg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK272nk5YLsrL-OpO9j-fa3hv4ZaDFee15M-c_pbAsc7WlBwMnuUQPd6yiAO7bzSBLkQGpANAIw_5MYgtZgkQ6pcGRwX2st
date
Thu, 16 Dec 2021 06:18:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame C7C3
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENGZnlyd7JKlG__prunQd08&google_cver=1&google_push=AYg5qPK7R0pPdLwJ0GXzHUMknBae2boxOxtGHQGnRIbFry4_ht2C14MeZarrd4P9mub1Nv5bJbl1p7vf3VtRd-oZ9...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENGZnlyd7JKlG__prunQd08&google_cver=1&google_push=AYg5qPK7R0pPdLwJ0GXzHUMknBae2boxOxtGHQGnRIbFry4_ht2C14MeZarrd4P9mub1Nv5bJbl1p7vf3VtRd-oZ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPK7R0pPdLwJ0GXzHUMknBae2boxOxtGHQGnRIbFry4_ht2C14MeZarrd4P9mub1Nv5bJbl1p7vf3VtRd-oZ9uOeL85S_EGN&google_hm=0a115d9be9495e93aa0ef63a
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPK7R0pPdLwJ0GXzHUMknBae2boxOxtGHQGnRIbFry4_ht2C14MeZarrd4P9mub1Nv5bJbl1p7vf3VtRd-oZ9uOeL85S_EGN&google_hm=0a115d9be9495e93aa0ef63a
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 16 Dec 2021 06:19:00 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPK7R0pPdLwJ0GXzHUMknBae2boxOxtGHQGnRIbFry4_ht2C14MeZarrd4P9mub1Nv5bJbl1p7vf3VtRd-oZ9uOeL85S_EGN&google_hm=0a115d9be9495e93aa0ef63a
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame C7C3
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEDvpVWTL-OYWGrO5moceKzg&google_cver=1&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
0
0
pixel
cm.g.doubleclick.net/ Frame C7C3
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMGxufMvUvVk3GL_Fb7iAFw&google_cver=1&google_push=AYg5qPJ8x9YJr5okOUzCXsKfOyY72R7rUwjWn4uccwsTz1cHIl7Lo-nqY9fjHF7eNND3aip97MKkUAalPTr13sQLTt6_89fSkso
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA2Mjg4Mjc4OTA5NDE5MzU3MA%3D%3D&google_push=AYg5qPJ8x9YJr5okOUzCXsKfOyY72R7rUwjWn4uccwsTz1cHIl7Lo-nqY9fj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA2Mjg4Mjc4OTA5NDE5MzU3MA%3D%3D&google_push=AYg5qPJ8x9YJr5okOUzCXsKfOyY72R7rUwjWn4uccwsTz1cHIl7Lo-nqY9fjHF7eNND3aip97MKkUAalPTr13sQLTt6_89fSkso
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDA2Mjg4Mjc4OTA5NDE5MzU3MA%3D%3D&google_push=AYg5qPJ8x9YJr5okOUzCXsKfOyY72R7rUwjWn4uccwsTz1cHIl7Lo-nqY9fjHF7eNND3aip97MKkUAalPTr13sQLTt6_89fSkso
date
Thu, 16 Dec 2021 06:19:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame C7C3
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOOggavjcs4CvBi66npHjn0&google_cver=1&google_push=AYg5qPL-cPI7tE1J1eVgb0hZpCYiaSptk9a4ZIOMBTQggq0e9q3wSdPf...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOOggavjcs4CvBi66npHjn0&google_cver=1&google_push=AYg5qPL-cPI7tE1J1eVgb0hZpCYiaSptk9a4ZIOMBTQggq0e9q3wSdPf...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOOggavjcs4CvBi66npHjn0&google_cver=1&google_push=AYg5qPL-cPI7tE1J1eVgb0hZpCYiaSptk9a4ZIOMBTQggq0e9q3wSd...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwZjM4OWFmOS01ZTM4LTExZWMtYWYyZi0wYWIyNTY5ODIwMmY%3D&google_push=AYg5qPL-cPI7tE1J1eVgb0hZpCYiaSptk9a4ZIOMBTQggq0e9q3wSdPfiO-9e5_Ry3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwZjM4OWFmOS01ZTM4LTExZWMtYWYyZi0wYWIyNTY5ODIwMmY%3D&google_push=AYg5qPL-cPI7tE1J1eVgb0hZpCYiaSptk9a4ZIOMBTQggq0e9q3wSdPfiO-9e5_Ry3vthi5PA-Wbk7-dhfsMWaO2xmWScCQT8fJa_Q
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwZjM4OWFmOS01ZTM4LTExZWMtYWYyZi0wYWIyNTY5ODIwMmY%3D&google_push=AYg5qPL-cPI7tE1J1eVgb0hZpCYiaSptk9a4ZIOMBTQggq0e9q3wSdPfiO-9e5_Ry3vthi5PA-Wbk7-dhfsMWaO2xmWScCQT8fJa_Q
date
Thu, 16 Dec 2021 06:19:01 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame C7C3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JQw9MYkdkUUVyiRw5da4o8Aw5WKhIIGnEZ4hZvDsZkGWMUaUwe6c3GtQ2v1I0GvOu_RxXlYA
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
pagead2.googlesyndication.com/bg/ Frame 3B7D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 16:07:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
51119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13622
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 16:07:01 GMT
B26784774.318538977;dc_ver=81.236;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=1;nel=1;u=417956%257C61bada5100c25e5b03560040%257C%257Cnationalgeographic.grid.id%257CPALANTIR016CP_%255BCTR%255D_Display_Ge...
ad.doubleclick.net/ddm/adj/N428001.3027484BASISDSP/ Frame C088 		41 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N428001.3027484BASISDSP/B26784774.318538977;dc_ver=81.236;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=1;nel=1;u=417956%257C61bada5100c25e5b03560040%257C%257Cnationalgeographic.grid.id%257CPALANTIR016CP_%255BCTR%255D_Display_Geo%2528UK%2529%257CWEB%257C1895699%257C5473103;dc_adk=2550189219;ord=m3z26p;click0=https%3A%2F%2Fclickserv.sitescout.com%2Fclk%2F2a14bd4dc4a85164%2Fb6cf984e94721f3b%2F61bada5100c25e5b03560040%2F0%3Fgdpr%3D1%26r%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fnationalgeographic.grid.id%2F$0;xdt=0;crlt=HQnj.08yGw;gcsr=m;sttr=96;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
25c510808ec0ef74c7ced166e3f9250947af5d840418ad8a9aad4ce0566fee78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20444
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B26491818.316608415;dc_ver=81.236;sz=120x600;u_sd=1;dc_adk=3944675606;ord=592vir;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjr_yUtq6YeiPOvuB7_UPi6aTyAKj_puLZ8K_uJy...
ad.doubleclick.net/ddm/adj/N4378.1528591.SMRS.CO.UK/ Frame A363 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N4378.1528591.SMRS.CO.UK/B26491818.316608415;dc_ver=81.236;sz=120x600;u_sd=1;dc_adk=3944675606;ord=592vir;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjr_yUtq6YeiPOvuB7_UPi6aTyAKj_puLZ8K_uJycDvAuEAEgytbjH2C7hr2D0AqgAcuv7u0CyAEJqQK-BMc2Vju2PqgDAaoEhgJP0JpiEOdJvqs6oKJFbtBu6tcWgixME7vSiav6RSs04v5J2LpEapzChAZ71uTrQdonSVHKKXrT-iSNyzxqoknC37NQT38NAp6higGMDHNunRzuZc_y20ay5SqngDUBJ1G7Z8v8GAohcb47fovamLSJ8n-RJbl--C5JJKOhszzF-kRH1TYvD0sy6hNyY3k3XES8SR_RY4eliyfEuIxSBX1kKTrEXbVBmw96ddfSOY-167KnFqvKLREkd3jdGCbsI29X86y2KJcqeRd1H970F8JmB5i6BaQVxc1LCbCb_y5NbzDkmy1GoDtMsKoUix_Prq5i2tkJzyYDcO18GgC-5w70N1PLhtZ0wASPzIfu3gPgBAOQBgGgBk2AB53QkZIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoDmAsByAsBgAwBsBPQ5cgN0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRofSA57zkT0eZZVoBOh791kw%26sig%3DAOD64_3qiRv35MgbTpb4bk5UPVzmHETF-g%26client%3Dca-pub-7784034061253020%26dbm_c%3DAKAmf-CYsIoEKkhdlGIZQb6TU__i4cRLqDVtp0Uj4D75oSaOPlueawSaD3CD22Ziw-u2UA7-aC5zfJ8TJoBZP7pL9fP2YF08vDQhTCYdRUZc5E23oZwyeBtVwqPZn7QR64fhtaFVG8GM6XPXl0sVWNIY7NDYNcrt1w%26cry%3D1%26dbm_d%3DAKAmf-ANyHI75Yptk5ymWmmIbEhbhA3vVuWw6_bIGLWCYSYRfZtwm8YIn2B4VjbHSB6U3x0s_E0Zxq9l9lMt8uP5-5J1VoPmARBRc3KJKGCqAiY-Cuz8hSJ_NfUtNzvwI7DX8IPvS8miGAfF8SOViil0HcU6nUPK68bEii4vrUQ5BwGFGuhapjJxYOhGekKHxhOfJIR9QoZ-I7lCmfk1yz40wRnc_NS9F3sH1ibvpIs9tbO-ooxsjqo6RnIvZ3KI5jmrATYvh_LNhtmTIpwL8YfZl8YUEu33ElEzXhja6wOccaLFEHECVeB8aRbvs6vu0ggcy6nR8FJyxmtQ-gXbpiIFqg_aPyt80O9ZhHQrYifsWUlx1FQ3b3aVLvv_gNlAqRdDtHd_XGSdNeJuHlAMbgGLG0rVnU28BsJudeS2n0qhQn_WWW5gcltEt3nX_44BhiK-_CMqbha2jTm_PERRNdjAyI3SI5FU8A%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fnationalgeographic.grid.id%2F$0;xdt=1;crlt=885a97FsVi;sttr=97;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
ebed55e3dee1c7380bedb8bd3978145a2afc56c7285ed6854fc2e4b26a4e3e39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24572
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
google2waycm.netmng.com/cm/ Frame 2890 		0
0
pixel
cm.g.doubleclick.net/ Frame 2890
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED5165pR28dK4HfoV-MeV7c&google_cver=1&google_push=AYg5qPLFdDdEbd6yw2NlwwwZor8C-eTWGkaL-iGe6oo7U6FY92riByLS7z...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLFdDdEbd6yw2NlwwwZor8C-eTWGkaL-iGe6oo7U6FY92riByLS7zZ9Frp_2Prnd1ogBDbzEAcwZa8_3hcdrxf9WqYPa5Q6&google_hm=SrBtIB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLFdDdEbd6yw2NlwwwZor8C-eTWGkaL-iGe6oo7U6FY92riByLS7zZ9Frp_2Prnd1ogBDbzEAcwZa8_3hcdrxf9WqYPa5Q6&google_hm=SrBtIB99pCTCjUo0IZ9Xeg
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLFdDdEbd6yw2NlwwwZor8C-eTWGkaL-iGe6oo7U6FY92riByLS7zZ9Frp_2Prnd1ogBDbzEAcwZa8_3hcdrxf9WqYPa5Q6&google_hm=SrBtIB99pCTCjUo0IZ9Xeg
pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2890
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENENUPKNImYclO2RlV2lGGM&google_cver=1&google_push=AYg5qPIyvyLLvUQOCOjNYyny4TcIDvJOEm2C02r0cX1Kn1eDIgSkISje92ajhmfu93OyoY4eALcWmxJJ78Sqv3Zh...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=i5lhutpRQgC7wmrIZmGXvg&google_push=AYg5qPIyvyLLvUQOCOjNYyny4TcIDvJOEm2C02r0cX1Kn1eDIgSkISje92ajhmfu93OyoY4eALcWmxJJ78Sqv3ZhurWsmk7ntJs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=i5lhutpRQgC7wmrIZmGXvg&google_push=AYg5qPIyvyLLvUQOCOjNYyny4TcIDvJOEm2C02r0cX1Kn1eDIgSkISje92ajhmfu93OyoY4eALcWmxJJ78Sqv3ZhurWsmk7ntJs
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 16 Dec 2021 06:19:00 GMT
Server
MT3 4133 baa842e master cdg-pixel-x24 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=i5lhutpRQgC7wmrIZmGXvg&google_push=AYg5qPIyvyLLvUQOCOjNYyny4TcIDvJOEm2C02r0cX1Kn1eDIgSkISje92ajhmfu93OyoY4eALcWmxJJ78Sqv3ZhurWsmk7ntJs
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 16 Dec 2021 06:18:59 GMT
pixel
cm.g.doubleclick.net/ Frame 2890
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJeaerxaGcwkgpYRxtzSZmE&google_cver=1&google_push=AYg5qPLopiXt8KXEx796-JH75o94suVk-x0Qt3v-_-vGlFDxptKEfvBym7lQBt5OesJqQhbY1l2ilEj7cGPM7HTNqazY3k4m3_xc
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EC30756037434F9E8694F59FE6223746&google_push=AYg5qPLopiXt8KXEx796-JH75o94suVk-x0Qt3v-_-vGlFDxptKEfvBym7lQBt5OesJqQhbY1l2ilEj7cGPM7HT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EC30756037434F9E8694F59FE6223746&google_push=AYg5qPLopiXt8KXEx796-JH75o94suVk-x0Qt3v-_-vGlFDxptKEfvBym7lQBt5OesJqQhbY1l2ilEj7cGPM7HTNqazY3k4m3_xc
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 16 Dec 2021 06:19:00 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EC30756037434F9E8694F59FE6223746&google_push=AYg5qPLopiXt8KXEx796-JH75o94suVk-x0Qt3v-_-vGlFDxptKEfvBym7lQBt5OesJqQhbY1l2ilEj7cGPM7HTNqazY3k4m3_xc
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Wed, 15 Dec 2021 06:19:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 2890 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEAnt_F266YNT6TUhCbV7l5Q&google_cver=1&google_push=AYg5qPIC4iue3mH2S_ykHx2tpZ98FiuuKsxsRD3-No97ehkWoxGGcB2eVC91AafknG-AzBvfT3pMv72YlJOUCEYGIfegNIlNV1AR
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 2890
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM22PQ0eIwaxW9eutxYBk-8&google_cver=1&google_push=AYg5qPKAjSj0_0Cp26jTDeYExxMZMKBEEpanmZwMlTarf5ZehPQNW3hBWGqE5r6TxYOtbz4mfxpKinRs...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEM22PQ0eIwaxW9eutxYBk-8&google_cver=1&google_push=AYg5qPKAjSj0_0Cp26jTDeYExxMZMKBEEpanmZwMlTarf5ZehPQNW3hBWGqE5r6TxYOtbz4mfxp...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk4NzQzNzcwOTA2ODI3MTY3OA&google_push=AYg5qPKAjSj0_0Cp26jTDeYExxMZMKBEEpanmZwMlTarf5ZehPQNW3hBWGqE5r6TxYOtbz4mfxpKin...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk4NzQzNzcwOTA2ODI3MTY3OA&google_push=AYg5qPKAjSj0_0Cp26jTDeYExxMZMKBEEpanmZwMlTarf5ZehPQNW3hBWGqE5r6TxYOtbz4mfxpKinRswxkp8l84ZK75p-lBTJXN
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk4NzQzNzcwOTA2ODI3MTY3OA&google_push=AYg5qPKAjSj0_0Cp26jTDeYExxMZMKBEEpanmZwMlTarf5ZehPQNW3hBWGqE5r6TxYOtbz4mfxpKinRswxkp8l84ZK75p-lBTJXN
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 2890
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESELk5f0yN_te2GmNyC0llGWA&google_cver=1&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPE...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZ...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 2890 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IE4yrzjKC1VUrPVgv3lCkqF7UThUGJWxjS9o29i7LuOFooo5vjaZO2rezuNQrb-d8iwXXa
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
impl_v81.js
www.googletagservices.com/dcm/ Frame 1878 		41 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v81.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/847999/57777460/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fnationalgeographic.grid.id%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:771792ce-fbaf-ed31-f743-f9726433c57d,c:wWcQLC,sl:outOfView,em:true,fr:false,thd:1,mn:app23ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:4,fm:sRJBDjV+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C171%7C181%7C191%7C1a1%7C1a2%7C1a3%7C1b*.847999-57777460%7C1b1%7C1b2%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1g1,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:34,oid:0ea8b6bd-5e38-11ec-af29-0ad2739237b2,v:19.8.273,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 09 Dec 2021 09:06:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
594761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17189
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 19:28:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Dec 2022 09:06:19 GMT
b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
pagead2.googlesyndication.com/bg/ Frame 97BF 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 16:07:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
51119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13622
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 16:07:01 GMT
B26784774.318538692;dc_ver=81.236;sz=300x600;u_sd=1;gdpr=1;nel=1;u=417956%257C61bada51e73535c003580040%257C%257Cnationalgeographic.grid.id%257CPALANTIR016CP_%255BCTR%255D_Display_Geo%2528UK%2529%25...
ad.doubleclick.net/ddm/adj/N428001.3027484BASISDSP/ Frame 306D 		56 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N428001.3027484BASISDSP/B26784774.318538692;dc_ver=81.236;sz=300x600;u_sd=1;gdpr=1;nel=1;u=417956%257C61bada51e73535c003580040%257C%257Cnationalgeographic.grid.id%257CPALANTIR016CP_%255BCTR%255D_Display_Geo%2528UK%2529%257CWEB%257C1895699%257C5525409;dc_adk=3381709067;ord=boupr3;click0=https%3A%2F%2Fclickserv.sitescout.com%2Fclk%2Fb5b6a2e42a3c6a0e%2Fb6cf984e94721f3b%2F61bada51e73535c003580040%2F0%3Fgdpr%3D1%26r%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fnationalgeographic.grid.id%2F$0;xdt=0;crlt=HQnj.08yGw;gcsr=m;sttr=110;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
6f1d85d65aed92402a876e52e04367d9e2dba0f788e5e791ec21249d07f32dcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23456
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
pagead2.googlesyndication.com/bg/ Frame E767 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 16:07:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
51119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13622
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 16:07:01 GMT
B26491818.316607110;dc_ver=81.236;sz=120x600;u_sd=1;dc_adk=943508953;ord=xm2mjn;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSuteUtq6YemPOvuB7_UPi6aTyAKj_puLZ_rCuJyc...
ad.doubleclick.net/ddm/adj/N4378.1528591.SMRS.CO.UK/ Frame 1878 		59 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N4378.1528591.SMRS.CO.UK/B26491818.316607110;dc_ver=81.236;sz=120x600;u_sd=1;dc_adk=943508953;ord=xm2mjn;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSuteUtq6YemPOvuB7_UPi6aTyAKj_puLZ_rCuJycDvAuEAEgytbjH2C7hr2D0AqgAcuv7u0CyAEJqQK-BMc2Vju2PqgDAaoEhgJP0AcY45ktDkDcFYB7Pqd477lpUe8rcOdniBmQ0X8x4xbgfIkBcg1LvpzPI7O6iESNc3XQA7pQHFFI0K_vFb4s5AYagcq1lP7Kr1HhVInltCVMFoyoTncvhLu9uSjrzJXAdI639Tdey3BbUEFcWbOiuhj6W1mRU68PoxE2AH6_BFt9fZIMpQwO48aMDsCQ5rFu9fZYW7fFWYpoKyIsCWM-KB6n0ojEgbg55gHcyId6Gmn2mzF0Bd-zaelCYASlV8l7D6CFCnpjAwLsjPAp62LSVcvk7VNXzaOJWTIRWtodwQvz-lhjLy6BNX7w_vB13FHDRfBaW5MISF83D4RwuxbUWl9V0a2iwASPzIfu3gPgBAOQBgGgBk2AB53QkZIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoDmAsByAsBgAwBsBPQ5cgN0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo7VVAohsyDiFoxGqg0uqDYw%26sig%3DAOD64_1QC7QYRhnorsL-QksuewKQ6YOCIQ%26client%3Dca-pub-7784034061253020%26dbm_c%3DAKAmf-AzUOZxCgN8F0dOjllh_-WSzvcIAriv6GpWC_8I0YI9Vdve65YsgM-oFlF1dTz70mYMgyvF_a6D0F1JEgKXXnrOcP_dYTTE4XdsslUxqbIjhUNYu-rndvy7VXR9bV2WC1NBHu05izlkHf7rw432GESaXm8liQ%26cry%3D1%26dbm_d%3DAKAmf-AYXm9fBQXphNXQSzG2sanzjgG6xmNYDD42p8TgafGXVaUupXSNeyD9Xk4LXRLflt9eGbKiZFjTwtWbb9nXxtCFEDdS5Rdgr4iSycv1hinx-6cgN48RgNXYvm60WFxxdLngZHI-qcNyzNb67PS83vH5rEs4IL7urGmYWESCwoeMh-TgxJk2NiQ8HBTzy0zAh_ft2X8uuAvhNZ-Gx5fPn15MpART1xCBNSV7J6BgM_XRqvKxdv4ELY47EfFy8XJYY8qM5CdmwSzHfoFwKMmUzOJCITy1q9Pz_lz6V1VPRvDpV0hTkmQTdGpDG2EZLZFD11Nc5mVA0vnGIEd4kYU0Ua3ijYAqh9sRZSqoDfvGzbynjjnqCKiN-1HJu2WJrkcr-P_SXqdifmLTptumN1Sz0Rz-3iGNy1V_-2Xihw4jWXN6AcsnjIm_EYSFQO8653aCIWc0SFAkclpX_LQGrwfvCWw1tLzpVw%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fnationalgeographic.grid.id%2F$0;xdt=1;crlt=885a97FsVi;sttr=71;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
4f88580815b2c428865833baea91519178784f3292bbaadeedd62b791e66ca3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24659
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 90F3 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9087095035043774464/cbv_master_d2c_tacticle_html5_xc40_bev_html5_banners_970x250_uk/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9087095035043774464/cbv_master_d2c_tacticle_html5_xc40_bev_html5_banners_970x250_uk/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 12:23:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64515
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Dec 2021 12:23:45 GMT
b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
pagead2.googlesyndication.com/bg/ Frame 0286 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 16:07:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
51119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13622
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 16:07:01 GMT
f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
pagead2.googlesyndication.com/bg/ Frame 0A22 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 20:49:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
34171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13559
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 20:49:29 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6EEB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuf_CxRjN3bvae3WBz-Hv0KIgq_wzxkaqFSe0dTx_sTqC-eHOvXCBwHVTE5oS1xWyG3CmAJdORCIdR5XHI0K6ylNx_VIoBlAmC-GFodZ523Js9I5dFXjJ0ZcFFQJC9-U8aD_lLgU7LMQm8mgLDuCbw-dBGSLP9imjMeWVwzwsfpAMh2Ios9lfSs5I3XOWotIQB-bkfR8918bS7JGX2v7ouma5Z65kDgs5gNbZ9oCil3kj3lvGFnt4yxB4YcRD9g175zDhpycGHtGcjWWpyy_QAaN1D4BVxc_8iyhPqbPkzRz5TLt6BpJKsPh-MoUlvkhHGc_4lM1tByzCDofcGj28YT&sig=Cg0ArKJSzL_i1f7DrBRKEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Dec 2021 06:19:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 16 Dec 2021 06:19:00 GMT
VolvoNovum-Regular.woff2
s0.2mdn.net/sadbundle/9087095035043774464/cbv_master_d2c_tacticle_html5_xc40_bev_html5_banners_970x250_uk/ Frame 90F3 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9087095035043774464/cbv_master_d2c_tacticle_html5_xc40_bev_html5_banners_970x250_uk/VolvoNovum-Regular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9087095035043774464/cbv_master_d2c_tacticle_html5_xc40_bev_html5_banners_970x250_uk/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e5f1317cc82513c64ed99253fb671fcc6d6b8c5078776a38d7f89da22e75d2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9087095035043774464/cbv_master_d2c_tacticle_html5_xc40_bev_html5_banners_970x250_uk/index.html
Origin
https://s0.2mdn.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 13:18:42 GMT
x-content-type-options
nosniff
age
493218
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39156
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 14:27:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Dec 2022 13:18:42 GMT
dt
dt.adsafeprotected.com/ Frame A363 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=847999&asId=21cb7ad4-e139-178b-bb70-42f64639faa3&tv=%7Bc:wWcQRC,time:659,type:e,im:%7Bimprf:%7Bttecl:764,ecd:55,tsecr:157%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:659,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B649~0%5D,as:%5B649~120.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C171%7C181%7C191%7C1a*.847999-57777490%7C1a1%7C1b.847999-57777460%7C1b1%7C1c1%7C1c2%7C1c3%7C1d11%7C1e,idMap:1a*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:00 GMT
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame A363 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
Origin
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 12:52:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Dec 2021 12:52:30 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame A363 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.1528591.SMRS.CO.UK/B26491818.316608415;dc_ver=81.236;sz=120x600;u_sd=1;dc_adk=3944675606;ord=592vir;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjr_yUtq6YeiPOvuB7_UPi6aTyAKj_puLZ8K_uJycDvAuEAEgytbjH2C7hr2D0AqgAcuv7u0CyAEJqQK-BMc2Vju2PqgDAaoEhgJP0JpiEOdJvqs6oKJFbtBu6tcWgixME7vSiav6RSs04v5J2LpEapzChAZ71uTrQdonSVHKKXrT-iSNyzxqoknC37NQT38NAp6higGMDHNunRzuZc_y20ay5SqngDUBJ1G7Z8v8GAohcb47fovamLSJ8n-RJbl--C5JJKOhszzF-kRH1TYvD0sy6hNyY3k3XES8SR_RY4eliyfEuIxSBX1kKTrEXbVBmw96ddfSOY-167KnFqvKLREkd3jdGCbsI29X86y2KJcqeRd1H970F8JmB5i6BaQVxc1LCbCb_y5NbzDkmy1GoDtMsKoUix_Prq5i2tkJzyYDcO18GgC-5w70N1PLhtZ0wASPzIfu3gPgBAOQBgGgBk2AB53QkZIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoDmAsByAsBgAwBsBPQ5cgN0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRofSA57zkT0eZZVoBOh791kw%26sig%3DAOD64_3qiRv35MgbTpb4bk5UPVzmHETF-g%26client%3Dca-pub-7784034061253020%26dbm_c%3DAKAmf-CYsIoEKkhdlGIZQb6TU__i4cRLqDVtp0Uj4D75oSaOPlueawSaD3CD22Ziw-u2UA7-aC5zfJ8TJoBZP7pL9fP2YF08vDQhTCYdRUZc5E23oZwyeBtVwqPZn7QR64fhtaFVG8GM6XPXl0sVWNIY7NDYNcrt1w%26cry%3D1%26dbm_d%3DAKAmf-ANyHI75Yptk5ymWmmIbEhbhA3vVuWw6_bIGLWCYSYRfZtwm8YIn2B4VjbHSB6U3x0s_E0Zxq9l9lMt8uP5-5J1VoPmARBRc3KJKGCqAiY-Cuz8hSJ_NfUtNzvwI7DX8IPvS8miGAfF8SOViil0HcU6nUPK68bEii4vrUQ5BwGFGuhapjJxYOhGekKHxhOfJIR9QoZ-I7lCmfk1yz40wRnc_NS9F3sH1ibvpIs9tbO-ooxsjqo6RnIvZ3KI5jmrATYvh_LNhtmTIpwL8YfZl8YUEu33ElEzXhja6wOccaLFEHECVeB8aRbvs6vu0ggcy6nR8FJyxmtQ-gXbpiIFqg_aPyt80O9ZhHQrYifsWUlx1FQ3b3aVLvv_gNlAqRdDtHd_XGSdNeJuHlAMbgGLG0rVnU28BsJudeS2n0qhQn_WWW5gcltEt3nX_44BhiK-_CMqbha2jTm_PERRNdjAyI3SI5FU8A%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fnationalgeographic.grid.id%2F$0;xdt=1;crlt=885a97FsVi;sttr=97;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:16:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A363 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 11:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67708
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Dec 2022 11:30:32 GMT
main.gr.19.8.273.js
static.adsafeprotected.com/ Frame A363 		187 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.273.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=24162870&campId=15160779071&pubId=1&chanId=285585637605&placementId=385011834&dealId=&adsafe_par&impId=ABAjH0gc6R60HZfrqAKvR4V-mBcP&bidurl=https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b3b0b438a1a3e7f01112f487ffb01e64db47935eb0e1e2927bdb4811ee935f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 17:46:21 GMT
content-encoding
gzip
age
477160
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 10 Dec 2021 17:31:00 GMT
server
AmazonS3
etag
W/"dbbed9b42f871ade260381ef78b0cd71"
vary
Accept-Encoding
x-amz-version-id
RbTKyuj_rScIKJ79M7NB4z2hCQfzt2bN
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
MyaXsi6QFO_n4c_TKEn77OUDI6ORPjHqBzi-DFtQhEv9sD6Qn_ozrA==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6DFD 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 16 Dec 2021 05:53:44 GMT
expires
Fri, 17 Dec 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
1516
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame A363 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
279689dea41f9426af08caab70e6f7e892f6cd0af670dc9fad7cca8b85131300

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame A363 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=847999&asId=21cb7ad4-e139-178b-bb70-42f64639faa3&tv=%7Bc:wWcQTP,pingTime:-10,time:796,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1639635541397%7C%7C1126110a82113229412c044453873b3b%7C%7Ca2fdad25d911a8a4b39828759d282361%7C%7C4842ffd038a262dc54a35f1ae8b7b3a6%7C%7C31335c88478c0b9ed28d0f1cee1c9ed3%7C%7Cbe633ee808a8ec7c3f3aee8487369bbc%7C%7Cfe5b338465bfae44c2e54e2063f04854%7C%7Cb30e0650da36596a646df1950953919b%7C%7C1629390669%7D
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 306D 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nationalgeographic.grid.id/
Origin
https://nationalgeographic.grid.id
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 23:38:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24048
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Dec 2021 23:38:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 306D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N428001.3027484BASISDSP/B26784774.318538692;dc_ver=81.236;sz=300x600;u_sd=1;gdpr=1;nel=1;u=417956%257C61bada51e73535c003580040%257C%257Cnationalgeographic.grid.id%257CPALANTIR016CP_%255BCTR%255D_Display_Geo%2528UK%2529%257CWEB%257C1895699%257C5525409;dc_adk=3381709067;ord=boupr3;click0=https%3A%2F%2Fclickserv.sitescout.com%2Fclk%2Fb5b6a2e42a3c6a0e%2Fb6cf984e94721f3b%2F61bada51e73535c003580040%2F0%3Fgdpr%3D1%26r%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fnationalgeographic.grid.id%2F$0;xdt=0;crlt=HQnj.08yGw;gcsr=m;sttr=110;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:16:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 306D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 11:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67708
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Dec 2022 11:30:32 GMT
r.js
q.adrta.com/ Frame 306D 		108 B
309 B 		Script
General
Check archive.org
Download Go to
Full URL
https://q.adrta.com/r.js?v=21.20&rcb=353725&cb=1639635537359
Requested by
Host: q.adrta.com
URL: https://q.adrta.com/aa.js?cb=1639635537359
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.181.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-181-154.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
714eed23f4bb55c8606d0fb67d4e6de35c01525bea8ee8f4eae8fc7d43e10d73

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Dec 2021 06:19:00 GMT
server
nginx/1.18.0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
108
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
m_ac.svg
cdn01.basis.net/assets/centro/ Frame 306D 		555 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.basis.net/assets/centro/m_ac.svg
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
AC1.1 /
Resource Hash
18f2f9dd38f10a8953b89c7bbc62bfabab9b4b39120af12be3ef90b1b86f60e6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:00 GMT
content-encoding
gzip
last-modified
Mon, 05 Jun 2017 16:35:18 GMT
server
AC1.1
age
29170
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
340
x-llid
ed05dc19fc5fb25dddafece846296ba1
ac.svg
cdn01.basis.net/assets/centro/ Frame 306D 		671 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.basis.net/assets/centro/ac.svg
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
AC1.1 /
Resource Hash
61ab9e52772309b371523082bf77c63298a2b1e166ed7309776bd87193b194b8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:00 GMT
content-encoding
gzip
last-modified
Mon, 05 Jun 2017 16:35:10 GMT
server
AC1.1
age
29170
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
399
x-llid
3fb2c215ea507d573590c45b5212350b
asyncPixelSync
pixel-sync.sitescout.com/dmp/ Frame E79C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel-sync.sitescout.com/dmp/asyncPixelSync?nid=64&wb=1&hdid=0&gdpr=1
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/

Response headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date
Thu, 16 Dec 2021 06:19:00 GMT
server
AC1.1
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C088 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N428001.3027484BASISDSP/B26784774.318538977;dc_ver=81.236;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=1;nel=1;u=417956%257C61bada5100c25e5b03560040%257C%257Cnationalgeographic.grid.id%257CPALANTIR016CP_%255BCTR%255D_Display_Geo%2528UK%2529%257CWEB%257C1895699%257C5473103;dc_adk=2550189219;ord=m3z26p;click0=https%3A%2F%2Fclickserv.sitescout.com%2Fclk%2F2a14bd4dc4a85164%2Fb6cf984e94721f3b%2F61bada5100c25e5b03560040%2F0%3Fgdpr%3D1%26r%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fnationalgeographic.grid.id%2F$0;xdt=0;crlt=HQnj.08yGw;gcsr=m;sttr=96;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Dec 2021 06:19:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame C088 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N428001.3027484BASISDSP/B26784774.318538977;dc_ver=81.236;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=1;nel=1;u=417956%257C61bada5100c25e5b03560040%257C%257Cnationalgeographic.grid.id%257CPALANTIR016CP_%255BCTR%255D_Display_Geo%2528UK%2529%257CWEB%257C1895699%257C5473103;dc_adk=2550189219;ord=m3z26p;click0=https%3A%2F%2Fclickserv.sitescout.com%2Fclk%2F2a14bd4dc4a85164%2Fb6cf984e94721f3b%2F61bada5100c25e5b03560040%2F0%3Fgdpr%3D1%26r%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fnationalgeographic.grid.id%2F$0;xdt=0;crlt=HQnj.08yGw;gcsr=m;sttr=96;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:16:32 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C088 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst28N68AMEf63SAEU7PHIUu6aU-P7PCRFo3sab0PS8rIPZ1Q9VW__PuaGFUkepODA8p2858OMajeSf5BcitrPJoA6zL8OueI7VypuKOk3cuwok4YI7hYYOqpf43ZRX-2P9IM2Atc06qJrGel0bYVbam72W6vTRUDQfd78gIhQ&sig=Cg0ArKJSzIz0SMDIPj8gEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211207.36031&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N428001.3027484BASISDSP/B26784774.318538977;dc_ver=81.236;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=1;nel=1;u=417956%257C61bada5100c25e5b03560040%257C%257Cnationalgeographic.grid.id%257CPALANTIR016CP_%255BCTR%255D_Display_Geo%2528UK%2529%257CWEB%257C1895699%257C5473103;dc_adk=2550189219;ord=m3z26p;click0=https%3A%2F%2Fclickserv.sitescout.com%2Fclk%2F2a14bd4dc4a85164%2Fb6cf984e94721f3b%2F61bada5100c25e5b03560040%2F0%3Fgdpr%3D1%26r%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fnationalgeographic.grid.id%2F$0;xdt=0;crlt=HQnj.08yGw;gcsr=m;sttr=96;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 16 Dec 2021 06:19:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C088 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N428001.3027484BASISDSP/B26784774.318538977;dc_ver=81.236;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=1;nel=1;u=417956%257C61bada5100c25e5b03560040%257C%257Cnationalgeographic.grid.id%257CPALANTIR016CP_%255BCTR%255D_Display_Geo%2528UK%2529%257CWEB%257C1895699%257C5473103;dc_adk=2550189219;ord=m3z26p;click0=https%3A%2F%2Fclickserv.sitescout.com%2Fclk%2F2a14bd4dc4a85164%2Fb6cf984e94721f3b%2F61bada5100c25e5b03560040%2F0%3Fgdpr%3D1%26r%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fnationalgeographic.grid.id%2F$0;xdt=0;crlt=HQnj.08yGw;gcsr=m;sttr=96;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 11:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67708
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Dec 2022 11:30:32 GMT
11122021-144012717-Palantir_Branding_Campaign_Vaccines_Static_Digital300x250.jpg
s0.2mdn.net/10848750/ Frame C088 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10848750/11122021-144012717-Palantir_Branding_Campaign_Vaccines_Static_Digital300x250.jpg
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fdd931618eb7007eb05a6ec9f95218690fa4c1f2b35698aa93d807dd2cd17a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 05:28:03 GMT
x-content-type-options
nosniff
age
3057
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88916
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 22:40:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Dec 2021 05:28:03 GMT
r.js
q.adrta.com/ Frame C088 		108 B
309 B 		Script
General
Check archive.org
Download Go to
Full URL
https://q.adrta.com/r.js?v=21.20&rcb=626778&cb=1639635537349
Requested by
Host: q.adrta.com
URL: https://q.adrta.com/aa.js?cb=1639635537349
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.181.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-181-154.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
5e65bdd37ea196761942d1db53901d7464f816621511598673fb3e028b584267

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Dec 2021 06:19:01 GMT
server
nginx/1.18.0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
108
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
m_ac.svg
cdn01.basis.net/assets/centro/ Frame C088 		555 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.basis.net/assets/centro/m_ac.svg
Requested by
Host: cdn01.basis.net
URL: https://cdn01.basis.net/assets/centro/ssac.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
AC1.1 /
Resource Hash
18f2f9dd38f10a8953b89c7bbc62bfabab9b4b39120af12be3ef90b1b86f60e6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:00 GMT
content-encoding
gzip
last-modified
Mon, 05 Jun 2017 16:35:18 GMT
server
AC1.1
age
29170
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
340
x-llid
04a59947609885d32eea10ab45dc8911
ac.svg
cdn01.basis.net/assets/centro/ Frame C088 		671 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn01.basis.net/assets/centro/ac.svg
Requested by
Host: cdn01.basis.net
URL: https://cdn01.basis.net/assets/centro/ssac.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
AC1.1 /
Resource Hash
61ab9e52772309b371523082bf77c63298a2b1e166ed7309776bd87193b194b8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:00 GMT
content-encoding
gzip
last-modified
Mon, 05 Jun 2017 16:35:10 GMT
server
AC1.1
age
29170
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
399
x-llid
72539275d289d2065f14a09f26a0061f
asyncPixelSync
pixel-sync.sitescout.com/dmp/ Frame FF2A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel-sync.sitescout.com/dmp/asyncPixelSync?nid=64&wb=1&hdid=0&gdpr=1
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/

Response headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date
Thu, 16 Dec 2021 06:19:00 GMT
server
AC1.1
view
googleads4.g.doubleclick.net/pcs/ Frame D94D 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsun9mJtTxhSgh0PVBbL9hJupAPsWfqyg1FktxyPXFnwhPG47qEzxtzIGLXlkssUG6yLIJbkSXxPjbOEyBgK2r1zL3cBd18qPDmNkV3ThBFQlpjsWFOP7B8lGoH24j9pPjA3wTWIqsz9Z8XGWUggCMrmuzdU2Uugqr06uaBalI4lhH9jh27V49WTkS9oRVVK8a90yx3QC2JgrgUq7cMIGKC_BbQZjTIY2RL-VlWwkY0l128oCcJnFw0l83lNIHh2JcLXs_-SpifQh98ljnPVm9OJb-7V2zfW70U_7H0kMGUCFYnBFoy8M3rxjb_qqQiiaS3v9hbDOjhPzhgaSWupR0fY8OxIMKB3Ppa1sMFdZOzHwYXngYZ8Q6T5ZyaQhPf8fBlFdkg5JzSio7_e9-YQOoKLS18nJL6CdhXG_WDlmmwfOQRKiZ3Nj7t-ypWdbOA9WzEiSZoWbSDSpXYRfaurVI7S3HDEqQNCewxEN3QGxJQPwHXbRyC9VIZaD-UGNx59tHkCoUbPi4gZnB38rq0cme65xCk9HtJaGRBJsUzqbTexca9l-g5V5Yv2NitAthTgf909QU_nOPQnvaXtdlBdbrlzmfkjJmC2JvwMzOKX9o_y6n4UUTqNVvvw1FjJQK89g1mH0HEAaJrtjrAfkjbQeOZys_nEjOE--N4pjka4WisKafClMP0-j7aTn2TeczUi3qnHS1j3-hCJlbjQYQYUSwjJzKYI376Tnp14WSyEmS4wIC3522GvZEN-S9NaLF0JfDC65vI33f8Mo2YdLQMFUdFJQbLzECLNiq6u--GIYAHENPlel5B4gaZ880P3D55dfy6qqh0Xx7V-f-aig2NMpJzgahueXIbkbYOqwN-hMn6W4wtNswNPvWC8xwKA95MpoI8LEiO8-CZMa-58mv278-7ZD8240Ed7om9YYNFu8nNpcsz0meZ7l3by3uT9C8B8DorNjC8ayJniza7ItE4GEl-HOncweHetoNr36szF_iXBqzHajzPUjVGSTFEzobVCVtHX1ehmHOAk5sBrm4TL2d29YTmQYN4fOshiTOtiFXD4OdYwrmekMwix23_uyC-Z23iyYOSQvQV5bI20LbZ_-MDYOHM5zcptPRZx6FiPAlZoXShE5P7SpnoMQFosfAiFebPjpFhurgcBHJ3at8tgFgj9rAyl8iQK_EFtf8geaA4EKIUL33hS0C7KuD-3x8vtB0a322luWifwofmqore2nJt2-kcpIZmSsJQVTft2LVBhZ37E1dBNIg&sai=AMfl-YRBRu84lQnz82NaKwJSqVGVCKi8qjRrqpmpHiEePXZQcR4vAuM0LCGHoKpkwLMWtPgjKbIkVQ6OLLNNoK8HKKNd01cnA0_Wh85YefDpRjVc6zhf1FZIjfLLIvgxjaQT1RoVF7k71cLG4uYshTyHU1H7gemD0g&sig=Cg0ArKJSzLcy2QeTcGT4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=935&vt=11&dtpt=524&dett=3&cstd=407&cisv=r20211207.51997&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 16 Dec 2021 06:19:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 1878 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
Origin
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 12:52:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62791
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Dec 2021 12:52:30 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 1878 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.1528591.SMRS.CO.UK/B26491818.316607110;dc_ver=81.236;sz=120x600;u_sd=1;dc_adk=943508953;ord=xm2mjn;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSuteUtq6YemPOvuB7_UPi6aTyAKj_puLZ_rCuJycDvAuEAEgytbjH2C7hr2D0AqgAcuv7u0CyAEJqQK-BMc2Vju2PqgDAaoEhgJP0AcY45ktDkDcFYB7Pqd477lpUe8rcOdniBmQ0X8x4xbgfIkBcg1LvpzPI7O6iESNc3XQA7pQHFFI0K_vFb4s5AYagcq1lP7Kr1HhVInltCVMFoyoTncvhLu9uSjrzJXAdI639Tdey3BbUEFcWbOiuhj6W1mRU68PoxE2AH6_BFt9fZIMpQwO48aMDsCQ5rFu9fZYW7fFWYpoKyIsCWM-KB6n0ojEgbg55gHcyId6Gmn2mzF0Bd-zaelCYASlV8l7D6CFCnpjAwLsjPAp62LSVcvk7VNXzaOJWTIRWtodwQvz-lhjLy6BNX7w_vB13FHDRfBaW5MISF83D4RwuxbUWl9V0a2iwASPzIfu3gPgBAOQBgGgBk2AB53QkZIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoDmAsByAsBgAwBsBPQ5cgN0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo7VVAohsyDiFoxGqg0uqDYw%26sig%3DAOD64_1QC7QYRhnorsL-QksuewKQ6YOCIQ%26client%3Dca-pub-7784034061253020%26dbm_c%3DAKAmf-AzUOZxCgN8F0dOjllh_-WSzvcIAriv6GpWC_8I0YI9Vdve65YsgM-oFlF1dTz70mYMgyvF_a6D0F1JEgKXXnrOcP_dYTTE4XdsslUxqbIjhUNYu-rndvy7VXR9bV2WC1NBHu05izlkHf7rw432GESaXm8liQ%26cry%3D1%26dbm_d%3DAKAmf-AYXm9fBQXphNXQSzG2sanzjgG6xmNYDD42p8TgafGXVaUupXSNeyD9Xk4LXRLflt9eGbKiZFjTwtWbb9nXxtCFEDdS5Rdgr4iSycv1hinx-6cgN48RgNXYvm60WFxxdLngZHI-qcNyzNb67PS83vH5rEs4IL7urGmYWESCwoeMh-TgxJk2NiQ8HBTzy0zAh_ft2X8uuAvhNZ-Gx5fPn15MpART1xCBNSV7J6BgM_XRqvKxdv4ELY47EfFy8XJYY8qM5CdmwSzHfoFwKMmUzOJCITy1q9Pz_lz6V1VPRvDpV0hTkmQTdGpDG2EZLZFD11Nc5mVA0vnGIEd4kYU0Ua3ijYAqh9sRZSqoDfvGzbynjjnqCKiN-1HJu2WJrkcr-P_SXqdifmLTptumN1Sz0Rz-3iGNy1V_-2Xihw4jWXN6AcsnjIm_EYSFQO8653aCIWc0SFAkclpX_LQGrwfvCWw1tLzpVw%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fnationalgeographic.grid.id%2F$0;xdt=1;crlt=885a97FsVi;sttr=71;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:16:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1878 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 11:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67709
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Dec 2022 11:30:32 GMT
main.gr.19.8.273.js
static.adsafeprotected.com/ Frame 1878 		187 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.273.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=24162870&campId=15160779071&pubId=1&chanId=285585637605&placementId=385001448&dealId=&adsafe_par&impId=ABAjH0iVCSOHRTppseu9JlyADcKs&bidurl=https://nationalgeographic.grid.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b3b0b438a1a3e7f01112f487ffb01e64db47935eb0e1e2927bdb4811ee935f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 17:46:21 GMT
content-encoding
gzip
age
477161
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 10 Dec 2021 17:31:00 GMT
server
AmazonS3
etag
W/"dbbed9b42f871ade260381ef78b0cd71"
vary
Accept-Encoding
x-amz-version-id
RbTKyuj_rScIKJ79M7NB4z2hCQfzt2bN
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
_ARBId7LYqBWuTcxtMghDvvKyXezKGKWdMTxm4rV-OksYoHOihW1iQ==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BDCB 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 16 Dec 2021 05:53:44 GMT
expires
Fri, 17 Dec 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
1517
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 1878 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33961044e460a6a9e9feba299df9df93aa769b4ff9fd3c0a1b4b393e5dfb3058

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
file.mp4
r3---sn-aigl6ner.c.2mdn.net/videoplayback/id/63bbe928945447da/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3782394996/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 33CA 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-aigl6ner.c.2mdn.net/videoplayback/id/63bbe928945447da/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3782394996/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/81C4A935B28FCC69D097F6D894BB9D80827D0346.32B0DAFFEDB55D2716D1BCB6F1DAACB7894C3A70/key/cms1/cms_redirect/yes/mh/js/mip/2001:ac8:21:23:2da::1/mm/42/mn/sn-aigl6ner/ms/onc/mt/1639635156/mv/m/mvi/3/pl/48/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:10::8 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
cc02acefb5a03e9f29cd49ab8d922d81d98fad29105c9522370936b86f28ec83
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 16 Dec 2021 06:19:01 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2116532/2116533
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2116533
expires
Thu, 16 Dec 2021 06:19:01 GMT
last-modified
Fri, 26 Nov 2021 17:16:35 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
client-protocol
quic
Volvo_Black.png
s0.2mdn.net/sadbundle/9087095035043774464/cbv_master_d2c_tacticle_html5_xc40_bev_html5_banners_970x250_uk/ Frame 90F3 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9087095035043774464/cbv_master_d2c_tacticle_html5_xc40_bev_html5_banners_970x250_uk/Volvo_Black.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5be30616d437d2baf9041a6648598542ae30fed30d261b002266e5d58969685
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9087095035043774464/cbv_master_d2c_tacticle_html5_xc40_bev_html5_banners_970x250_uk/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 11 Dec 2021 09:11:53 GMT
x-content-type-options
nosniff
age
421628
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4824
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 14:27:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 11 Dec 2022 09:11:53 GMT
Flash.png
s0.2mdn.net/sadbundle/9087095035043774464/cbv_master_d2c_tacticle_html5_xc40_bev_html5_banners_970x250_uk/ Frame 90F3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9087095035043774464/cbv_master_d2c_tacticle_html5_xc40_bev_html5_banners_970x250_uk/Flash.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baea5caffda9109fe3fe251376d60a25ea43c846fa7bb8dc4b15da44a78c6760
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9087095035043774464/cbv_master_d2c_tacticle_html5_xc40_bev_html5_banners_970x250_uk/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 13:18:42 GMT
x-content-type-options
nosniff
age
493219
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3431
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 14:27:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Dec 2022 13:18:42 GMT
Floor_extend2.png
s0.2mdn.net/sadbundle/9087095035043774464/cbv_master_d2c_tacticle_html5_xc40_bev_html5_banners_970x250_uk/ Frame 90F3 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9087095035043774464/cbv_master_d2c_tacticle_html5_xc40_bev_html5_banners_970x250_uk/Floor_extend2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f93264606087b4c1dd4e0bb8bf2ed92549c53fe8b5f095d214c4e72a765f5482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9087095035043774464/cbv_master_d2c_tacticle_html5_xc40_bev_html5_banners_970x250_uk/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 11 Dec 2021 09:53:59 GMT
x-content-type-options
nosniff
age
419102
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57259
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 14:27:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 11 Dec 2022 09:53:59 GMT
Spritesheet_XC40_MY23_4.jpg
s0.2mdn.net/sadbundle/9087095035043774464/cbv_master_d2c_tacticle_html5_xc40_bev_html5_banners_970x250_uk/ Frame 90F3 		783 KB
783 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9087095035043774464/cbv_master_d2c_tacticle_html5_xc40_bev_html5_banners_970x250_uk/Spritesheet_XC40_MY23_4.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a082bfd96630ab857ec08e4e0055175aae987aea275d450f048ec3fee5de5383
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9087095035043774464/cbv_master_d2c_tacticle_html5_xc40_bev_html5_banners_970x250_uk/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 11 Dec 2021 10:31:04 GMT
x-content-type-options
nosniff
age
416877
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
801309
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 14:27:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 11 Dec 2022 10:31:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A363 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Dec 2021 06:19:01 GMT
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61926762/20211005053703330/ADVERT%202_MSC_DigitalAd_DownloadABrochure_skyscraper_120x600/ Frame 733E 		73 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61926762/20211005053703330/ADVERT%202_MSC_DigitalAd_DownloadABrochure_skyscraper_120x600/index.html?e=69&leftOffset=0&topOffset=0&c=Ojza5ph9n4&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cae022298b8aa4e5cc59ce3e51b6f3ed7a7b2ee804853ec35d11f2b04571813b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
19115
date
Thu, 16 Dec 2021 06:19:01 GMT
expires
Fri, 17 Dec 2021 06:19:01 GMT
cache-control
public, max-age=86400
last-modified
Tue, 05 Oct 2021 12:37:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame A363 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsugZQxudbX0NXCmDs2UB7oNJFL5-cX0xzGSa_odGGriIfAgpzKoPUIlTtPjY_H5ul6UENFwyrLFHWKDdOxpAj8MGT_ldyOOaxzb2bBKLIzWmpS_MShew_A1ubDgmE8PcqaNpis9BPDPKOksUUwmOE5CKRLCNjCT8zb9hQ&sig=Cg0ArKJSzBlclN3bRPWIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=356&cbvp=1&cstd=349&cisv=r20211207.47324&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 16 Dec 2021 06:19:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 306D 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Dec 2021 06:19:01 GMT
index.html
s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/ Frame 7BE8 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0968958973d172d6d0a05b5de60052a45e93763b31aa8c1e3c68822756131d4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
2381
date
Wed, 15 Dec 2021 08:39:31 GMT
expires
Thu, 16 Dec 2021 08:39:31 GMT
last-modified
Tue, 21 Sep 2021 16:45:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
77970
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 306D 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuUG6wKD2daM-SvsyYO0VCJ_mXMGfgPKIi_PXTPAF0xg_uIIEDYaZHmcmvofyOpAmXAbWXzY-Jdp9p9h8l3j7hxssRnWDUH-eWUdfrd-rHr9nxaAwEYLarJODm18l0o_2gGu3imoo2w9P4hFvkcfwcIQd_Nl7zp_aqTJUZKNw&sig=Cg0ArKJSzGtdtUVEvTFCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=258&cbvp=1&cstd=256&cisv=r20211207.65024&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 16 Dec 2021 06:19:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame C088 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst28N68AMEf63SAEU7PHIUu6aU-P7PCRFo3sab0PS8rIPZ1Q9VW__PuaGFUkepODA8p2858OMajeSf5BcitrPJoA6zL8OueI7VypuKOk3cuwok4YI7hYYOqpf43ZRX-2P9IM2Atc06qJrGel0bYVbam72W6vTRUDQfd78gIhQ&sig=Cg0ArKJSzIz0SMDIPj8gEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=247&vt=11&dtpt=246&dett=2&cstd=0&cisv=r20211207.36031&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N428001.3027484BASISDSP/B26784774.318538977;dc_ver=81.236;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=1;nel=1;u=417956%257C61bada5100c25e5b03560040%257C%257Cnationalgeographic.grid.id%257CPALANTIR016CP_%255BCTR%255D_Display_Geo%2528UK%2529%257CWEB%257C1895699%257C5473103;dc_adk=2550189219;ord=m3z26p;click0=https%3A%2F%2Fclickserv.sitescout.com%2Fclk%2F2a14bd4dc4a85164%2Fb6cf984e94721f3b%2F61bada5100c25e5b03560040%2F0%3Fgdpr%3D1%26r%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fnationalgeographic.grid.id%2F$0;xdt=0;crlt=HQnj.08yGw;gcsr=m;sttr=96;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 16 Dec 2021 06:19:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 368A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 15 Dec 2021 11:30:32 GMT
expires
Thu, 15 Dec 2022 11:30:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
67709
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1878 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Dec 2021 06:19:01 GMT
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61908895/20211004062523303/ADVERT%203_MSC_DigitalAd_DownloadABrochure_skyscraper_120x600/ Frame E97F 		73 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61908895/20211004062523303/ADVERT%203_MSC_DigitalAd_DownloadABrochure_skyscraper_120x600/index.html?e=69&leftOffset=0&topOffset=0&c=cpwSHRh1bb&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
801d19393cb04ec223da9ba1db93ec1fb2bbee12d7a7411ec3353cb77cbaabc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
19113
date
Thu, 16 Dec 2021 06:19:01 GMT
expires
Fri, 17 Dec 2021 06:19:01 GMT
cache-control
public, max-age=86400
last-modified
Mon, 04 Oct 2021 13:25:23 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 1878 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvlz_6EIIqPcyN5WY25xSf0oSOp62IW94SWrQRlwXNNbwtHmIC0y6wVMu90wge3DoCW2phNGVn6AIG_LpJztNdpX2bbu8uYbUIyyP2kOeNVnU_-R1iVSjG8_WGbTeVdbRHRpd1QuLJAWXly52xpJYcEnPAP1UrnizQjQQ&sig=Cg0ArKJSzFoRJ7i_PszqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=271&cbvp=1&cstd=267&cisv=r20211207.78967&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 16 Dec 2021 06:19:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
cdnf.js
pix.adrta.com/ Frame C088 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pix.adrta.com/cdnf.js?v=22.90
Requested by
Host: q.adrta.com
URL: https://q.adrta.com/aa.js?cb=1639635537349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-23.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06432589bb496ce3791bde5ffbbe85f108a1193d939bb2bbf3a48edef277a08e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
gQKNnPDF2oRplSlO3PhR6NV_ppMFdCpa
content-encoding
gzip
last-modified
Sat, 04 Dec 2021 05:41:34 GMT
server
AmazonS3
age
66083
etag
W/"684ed23431ba46a7fc6c71928e6e4ded"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
date
Wed, 15 Dec 2021 11:57:38 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
MqSr0eH0Xpxz0p0f5GVVnMwTVmaWVJxQm2l5KupSpiMY9b2KE9-4Ig==
sca.17.5.12.js
static.adsafeprotected.com/ Frame EF71 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 08:08:31 GMT
content-encoding
gzip
age
6559831
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
CH0dDoPwYrCrwCyPm5FSN05USn_ldIAo8P-AhzrzWFSOgkH2k5zmAw==
mon
pixel.adsafeprotected.com/ Frame A363 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10933&advId=24162870&campId=15160779071&pubId=1&chanId=285585637605&placementId=385011834&dealId=&adsafe_par&impId=ABAjH0gc6R60HZfrqAKvR4V-mBcP&bidurl=https://nationalgeographic.grid.id/&adsafe_url=https%3A%2F%2Fnationalgeographic.grid.id%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:572a99ac-20b0-1b31-b2ae-ddce12007fc3,c:wWcR0r,sl:na,em:true,fr:false,thd:1,mn:app04ie,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:485,fm:sRJBDqP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C163%7C1641%7C171%7C181%7C1821%7C191%7C1a*.10933%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1a6%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1f2%7C1g1%7C1g2%7C1g3,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:525,oid:0ea078fc-5e38-11ec-812b-061b2abdf756,v:19.8.273,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.66.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-66-137.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
x-server-name
app11.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
userSync.js
ads.pubmatic.com/AdServer/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/hb/kompasGramedia/grid.id_desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:01 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:14 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300709-1af3-5c4c7cca9e573"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=103045
accept-ranges
bytes
content-type
text/javascript
content-length
2267
expires
Fri, 17 Dec 2021 10:56:26 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F2A5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlk60i-vvF9WNWth1G8vi-dr5ZkAN-21nS95JIGxOqNu7I7feV41It2gOpemFN5zxQ-uqd8OeSyaos9bX2OlBMrHhlUNAXaTvxCwQ-nolu-6M1K00NiA&sai=AMfl-YSDt27VZk_eGiRmkze_NEWrfFG5R_DViFpyz5AS6RM4daSoKt75hM1-seq-70zV2HkxEt_9-YEig8oFu_ThIYVMRIkWpYudKFIu8ivVu43TpRc-qURGdu86wiU&sig=Cg0ArKJSzKQXvgrUfYaGEAE&cid=CAASEuRoUKGGYKaRaQC0-dRk2S6dOw&id=lidar2&mcvt=1135&p=1150,566,1214,1034&mtos=0,1135,1135,1135,1135&tos=0,1135,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=0.78&if=1&app=0&itpl=20&adk=3327855457&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639635540075&rpt=643&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cdnf.js
pix.adrta.com/ Frame 306D 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pix.adrta.com/cdnf.js?v=22.90
Requested by
Host: q.adrta.com
URL: https://q.adrta.com/aa.js?cb=1639635537359
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-23.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06432589bb496ce3791bde5ffbbe85f108a1193d939bb2bbf3a48edef277a08e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
gQKNnPDF2oRplSlO3PhR6NV_ppMFdCpa
content-encoding
gzip
last-modified
Sat, 04 Dec 2021 05:41:34 GMT
server
AmazonS3
age
66083
etag
W/"684ed23431ba46a7fc6c71928e6e4ded"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
date
Wed, 15 Dec 2021 11:57:38 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
DUaqDQs8cDllGqHL8PMB9dbg-_hOVBWRVcClS7xPNcoED3NjMu4AGw==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D784 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 15 Dec 2021 11:30:32 GMT
expires
Thu, 15 Dec 2022 11:30:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
67709
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 446C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 15 Dec 2021 11:30:32 GMT
expires
Thu, 15 Dec 2022 11:30:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
67709
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
google
match.adsrvr.org/track/cmf/ Frame 6DFD 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPWw2ls8ZQV_ojPUAK0uEbo&google_cver=1&google_push=AYg5qPKusDy9IcwZV19eHWTove0SO1WVMQidwsGhwinAA75cWP_Syo19T0r1MkRIL7WL9Z1KvsouUr_VvnUbUxHmnNqA0z1asu0
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 6DFD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENwoP1Erhdm2Bmswf-aDfcU&google_cver=1&google_push=AYg5qPKiFxJxfxC-oIoWhzRPCkv-jfjfkFTR06QnAKGHNnbt8juoNDsEMPEavoqNIEWAyRB6K4wfUbh_k7XBVy97EeDB...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKiFxJxfxC-oIoWhzRPCkv-jfjfkFTR06QnAKGHNnbt8juoNDsEMPEavoqNIEWAyRB6K4wfUbh_k7XBVy97EeDBv5TrpVk&google_hm=efuhFjPNSY2IAX0Ty35dgw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKiFxJxfxC-oIoWhzRPCkv-jfjfkFTR06QnAKGHNnbt8juoNDsEMPEavoqNIEWAyRB6K4wfUbh_k7XBVy97EeDBv5TrpVk&google_hm=efuhFjPNSY2IAX0Ty35dgw==
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKiFxJxfxC-oIoWhzRPCkv-jfjfkFTR06QnAKGHNnbt8juoNDsEMPEavoqNIEWAyRB6K4wfUbh_k7XBVy97EeDBv5TrpVk&google_hm=efuhFjPNSY2IAX0Ty35dgw==
Date
Thu, 16 Dec 2021 06:19:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 6DFD
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPRWN-1RQWju55p-UkyfsXk&google_cver=1&google_push=AYg5qPK0zXSia6_NIAYDtYe1nkUmAqcpghtb0RpHPXNjriYuVHszAFEmm1Qt6VSMujmrDDyzh96RVJ51CikHdFVD2gTN59A...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK0zXSia6_NIAYDtYe1nkUmAqcpghtb0RpHPXNjriYuVHszAFEmm1Qt6VSMujmrDDyzh96RVJ51CikHdFVD2gTN59AxNdI&google_hm=NTA3NDc4NzY4Mzc5NTI0NzY3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK0zXSia6_NIAYDtYe1nkUmAqcpghtb0RpHPXNjriYuVHszAFEmm1Qt6VSMujmrDDyzh96RVJ51CikHdFVD2gTN59AxNdI&google_hm=NTA3NDc4NzY4Mzc5NTI0NzY3
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 16 Dec 2021 06:19:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK0zXSia6_NIAYDtYe1nkUmAqcpghtb0RpHPXNjriYuVHszAFEmm1Qt6VSMujmrDDyzh96RVJ51CikHdFVD2gTN59AxNdI&google_hm=NTA3NDc4NzY4Mzc5NTI0NzY3
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 6DFD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM22PQ0eIwaxW9eutxYBk-8&google_cver=1&google_push=AYg5qPLkoGdwsw_OBEJsjJsjGJqxD4wKrpFmmDzrIXo81E4s3rDuxejrp6eM6p7_zsB61FLJBV33YrZM...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk4NzQzNzcwOTA2ODI3MTY3OA&google_push=AYg5qPLkoGdwsw_OBEJsjJsjGJqxD4wKrpFmmDzrIXo81E4s3rDuxejrp6eM6p7_zsB61FLJBV33Yr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk4NzQzNzcwOTA2ODI3MTY3OA&google_push=AYg5qPLkoGdwsw_OBEJsjJsjGJqxD4wKrpFmmDzrIXo81E4s3rDuxejrp6eM6p7_zsB61FLJBV33YrZMbOmEu-R4Z0PQFkDEsQ
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk4NzQzNzcwOTA2ODI3MTY3OA&google_push=AYg5qPLkoGdwsw_OBEJsjJsjGJqxD4wKrpFmmDzrIXo81E4s3rDuxejrp6eM6p7_zsB61FLJBV33YrZMbOmEu-R4Z0PQFkDEsQ
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame 6DFD 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEA9ZlzJTTO9-of-wDu5jhKo&google_cver=1&google_push=AYg5qPKevi8KNPQPB_GEoccq5f3_GueGoHOKHc925SFx63DAVlUULHNgi8CLTZUVg3EzD5HEvo_EwyyWHFLNhYnjSkVuYulIllY
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.181 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:01 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6DFD
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOOggavjcs4CvBi66npHjn0&google_cver=1&google_push=AYg5qPKB817SmQE6Qqvpi_5tlOFi9fMtRZrNPTIAsnlH67UC3mJH7th2...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEOOggavjcs4CvBi66npHjn0&google_cver=1&google_push=AYg5qPKB817SmQE6Qqvpi_5tlOFi9fMtRZrNPTIAsnlH67UC3mJH7t...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwZjM4OWFmOS01ZTM4LTExZWMtYWYyZi0wYWIyNTY5ODIwMmY%3D&google_push=AYg5qPKB817SmQE6Qqvpi_5tlOFi9fMtRZrNPTIAsnlH67UC3mJH7th2IOCjpBU9WH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwZjM4OWFmOS01ZTM4LTExZWMtYWYyZi0wYWIyNTY5ODIwMmY%3D&google_push=AYg5qPKB817SmQE6Qqvpi_5tlOFi9fMtRZrNPTIAsnlH67UC3mJH7th2IOCjpBU9WHeaCxCugfZs3iNqkUbI8FAToOXgOrd_u9M
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwZjM4OWFmOS01ZTM4LTExZWMtYWYyZi0wYWIyNTY5ODIwMmY%3D&google_push=AYg5qPKB817SmQE6Qqvpi_5tlOFi9fMtRZrNPTIAsnlH67UC3mJH7th2IOCjpBU9WHeaCxCugfZs3iNqkUbI8FAToOXgOrd_u9M
date
Thu, 16 Dec 2021 06:19:01 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dot.gif
s0.2mdn.net/ Frame 6DFD 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEDkzXIPai3szhXEFdLLrXZo&google_cver=1&google_push=AYg5qPKzOameTSej19UFJ5H4vKXGR9u3rely_PIc94vCmGUVFANJobnKPZAL5Ev_SqS5E3KsLy_VAyDkASRRjlAKJbxYbTWKODCU
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Dec 2021 06:19:01 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6DFD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I5hlqdDMYtVA1xPzlchN1yYgnzm-PhO8YgTom2U9elxXHTKGrb_e-dcYUTOhlBQxWsJnME-30
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dt
dt.adsafeprotected.com/ Frame A363 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=847999&asId=21cb7ad4-e139-178b-bb70-42f64639faa3&tv=%7Bc:wWcR1K,pingTime:-2.1,time:1287,type:a,im:%7Bpci:%7Btdr:1068%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:120,h:600,t:34%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1287,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1277~0%5D,as:%5B1277~120.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:353,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C171%7C181%7C191%7C1a*.847999-57777490%7C1a1%7C1b.847999-57777460%7C1b1%7C1c1%7C1c2%7C1c3%7C1d11%7C1e,idMap:1a.572a99ac-20b0-1b31-b2ae-ddce12007fc3.93_10933%7C1a*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:102,readyFired:false%7D&br=c
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame A363 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=572a99ac-20b0-1b31-b2ae-ddce12007fc3&tv=%7Bc:wWcR1S,pingTime:0,time:613,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:120,h:600,t:524%7D,%7Bpiv:100,vs:i,t:613%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:613,o:0,n:612,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:523,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B123~1%5D,as:%5B123~120.600%5D%7D%7D,%7Bsl:i,t:612,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~120.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sRJBDqP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C163%7C1641%7C171%7C181%7C1821%7C191%7C1a*.10933%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1a6%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1f2%7C1g1%7C1g2%7C1g3,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame A363 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=572a99ac-20b0-1b31-b2ae-ddce12007fc3&tv=%7Bc:wWcR1W,pingTime:-3,time:617,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:120,h:600,t:524%7D,%7Bpiv:100,vs:i,t:613%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:617,o:0,n:612,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:523,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B123~1%5D,as:%5B123~120.600%5D%7D%7D,%7Bsl:i,t:612,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B4~100%5D,as:%5B4~120.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sRJBDqP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C163%7C1641%7C171%7C181%7C1821%7C191%7C1a*.10933%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1a6%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1f2%7C1g1%7C1g2%7C1g3,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame A363 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=572a99ac-20b0-1b31-b2ae-ddce12007fc3&tv=%7Bc:wWcR1X,pingTime:-6,time:618,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:618,o:0,n:612,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:523,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B123~1%5D,as:%5B123~120.600%5D%7D%7D,%7Bsl:i,t:612,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5~100%5D,as:%5B5~120.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sRJBDqP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C163%7C1641%7C171%7C181%7C1821%7C191%7C1a*.10933%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1a6%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1f2%7C1g1%7C1g2%7C1g3,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:nationalgeographic.grid.id*&br=c
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FC7A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 15 Dec 2021 11:30:32 GMT
expires
Thu, 15 Dec 2022 11:30:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
67709
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame D94D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7CQHHUEXUS62A2jJMnaXMWviOSIy1BKyoAcsh50_C5G7Xq_D7jzi_CrsjyxzQiu8gCOHaVpfZIQs4aVmkxBKAgq4xmMMsKcJb320tHEelSiChqoh_vg&sai=AMfl-YTL82ARCstXMYMG4wFSh9WQxqeHqbs40z0E4UZf-EVZIadrL3BQ4M9R9VUDxbpKBiKdw75oAXcVhJB5N5QwS9XSZiWrUDEVirdpRK1ykKs5uJ-kE1Hh5TUhdSs&sig=Cg0ArKJSzHmgzFevfhFnEAE&cid=CAASEuRo4Z4wohg87glMA0MlUP3Arw&id=lidar2&mcvt=1079&p=266,315,516,1285&mtos=1079,1079,1079,1079,1079&tos=1079,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3567496413&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639635539962&rpt=795&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sca.17.5.12.js
static.adsafeprotected.com/ Frame 38E6 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 08:08:31 GMT
content-encoding
gzip
age
6559831
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
zXE8kVIbpAbsVqCgX47Q4Tlq3UxlAnIXhr-wlhnguJxaT6NWsy7c8Q==
mon
pixel.adsafeprotected.com/ Frame 1878 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10933&advId=24162870&campId=15160779071&pubId=1&chanId=285585637605&placementId=385001448&dealId=&adsafe_par&impId=ABAjH0iVCSOHRTppseu9JlyADcKs&bidurl=https://nationalgeographic.grid.id/&adsafe_url=https%3A%2F%2Fnationalgeographic.grid.id%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:38080026-4eb7-277c-d0cd-03e33d544e64,c:wWcR2T,sl:na,em:true,fr:false,thd:1,mn:app05ie,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:451,fm:sRJBDu0+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C163%7C1641%7C171%7C181%7C1821%7C191%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1a6%7C1a7%7C1b*.10933%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1f2%7C1f3%7C1g1%7C1g2%7C1g3%7C1g4,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:480,oid:0ea079c3-5e38-11ec-ab53-02bf2b86cc68,v:19.8.273,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.66.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-66-137.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
x-server-name
app33.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame A363 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=572a99ac-20b0-1b31-b2ae-ddce12007fc3&tv=%7Bc:wWcR3x,pingTime:-2,time:716,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1216,beZ:1217,mfA:1702,cmA:1704,inA:1704,inZ:1710,prA:1710,prZ:1732,si:1741,poA:1742,poZ:1758,cmZ:1758,mfZ:1758,loA:1834,loZ:1837,ltA:1932,ltZ:1932,idA:1758,idZ:1804%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:120.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:120,h:600,t:524%7D,%7Bpiv:100,vs:i,t:613%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:716,o:0,n:612,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:523,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B123~1%5D,as:%5B123~120.600%5D%7D%7D,%7Bsl:i,t:612,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B103~100%5D,as:%5B103~120.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C163%7C1641%7C171%7C181%7C1821%7C191%7C1a*.10933%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1a6%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1f2%7C1g1%7C1g2%7C1g3,idMap:1a.21cb7ad4-e139-178b-bb70-42f64639faa3.101_847999-57777490%7C1a*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:191,readyFired:true%7D&br=c
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
css
fonts.googleapis.com/ Frame 733E 		662 B
351 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Aleo:regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61926762/20211005053703330/ADVERT%202_MSC_DigitalAd_DownloadABrochure_skyscraper_120x600/index.html?e=69&leftOffset=0&topOffset=0&c=Ojza5ph9n4&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c652842123aa68b6a963cbd5c40dad40189cf9ab8809894e44ca0f271bd95f0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 06:08:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 16 Dec 2021 06:19:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Dec 2021 06:19:01 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 733E 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61926762/20211005053703330/ADVERT%202_MSC_DigitalAd_DownloadABrochure_skyscraper_120x600/index.html?e=69&leftOffset=0&topOffset=0&c=Ojza5ph9n4&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61926762/20211005053703330/ADVERT%202_MSC_DigitalAd_DownloadABrochure_skyscraper_120x600/index.html?e=69&leftOffset=0&topOffset=0&c=Ojza5ph9n4&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 03:01:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11853
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Dec 2021 03:01:28 GMT
createjs.min.js
s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/ Frame 7BE8 		236 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 12:22:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63907
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 16:45:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Dec 2021 12:22:45 GMT
21-TLG_PALANTIR-004-Display-Millions-300x600.js
s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/ Frame 7BE8 		245 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/21-TLG_PALANTIR-004-Display-Millions-300x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bab55278b7b93eef66dd62e1f37c4a987dde388a917274bb7ba21f41044e244e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 07:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81002
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26928
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 16:45:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Dec 2021 07:48:59 GMT
dt
dt.adsafeprotected.com/ Frame 1878 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=847999&asId=771792ce-fbaf-ed31-f743-f9726433c57d&tv=%7Bc:wWcR4E,pingTime:-2.1,time:1213,type:a,im:%7Bimprf:%7Bttecl:889,ecd:43,tsecr:61%7D,pci:%7Btdr:657%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:120,h:600,t:33%7D,%7Bpiv:100,vs:i,r:,t:822%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:391,o:822,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B814~0%5D,as:%5B814~120.600%5D%7D%7D,%7Bsl:i,t:822,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B391~100%5D,as:%5B391~120.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:630,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C171%7C181%7C191%7C1a.847999-57777490%7C1a1%7C1a2%7C1a3%7C1b*.847999-57777460%7C1b1%7C1b2%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1g1,idMap:1b.38080026-4eb7-277c-d0cd-03e33d544e64.121_10933%7C1b*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:96,readyFired:false%7D&br=c
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 1878 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=38080026-4eb7-277c-d0cd-03e33d544e64&tv=%7Bc:wWcR50,pingTime:-3,time:610,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:120,h:600,t:479%7D,%7Bpiv:0,vs:o,r:l,t:610%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:610,n:610,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:479,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B158~1,0~0%5D,as:%5B158~120.600%5D%7D%7D,%7Bsl:o,t:610,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~120.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sRJBDu0+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C163%7C1641%7C171%7C181%7C1821%7C191%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1a6%7C1a7%7C1b*.10933%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1f2%7C1f3%7C1g1%7C1g2%7C1g3%7C1g4,idMap:1b*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 1878 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=38080026-4eb7-277c-d0cd-03e33d544e64&tv=%7Bc:wWcR5J,pingTime:-6,time:655,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:655,n:610,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:479,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B158~1,0~0%5D,as:%5B158~120.600%5D%7D%7D,%7Bsl:o,t:610,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B45~0%5D,as:%5B45~120.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sRJBDu0+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C163%7C1641%7C171%7C181%7C1821%7C191%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1a6%7C1a7%7C1b*.10933%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1f2%7C1f3%7C1g1%7C1g2%7C1g3%7C1g4,idMap:1b*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:nationalgeographic.grid.id*&br=c
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pixel
cm.g.doubleclick.net/ Frame BDCB
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLbSRkmSha9tfTdPeJm0ze5XZ2FwjGFflaCogw...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWJyYVVRQU1VckVLY0FCUg&google_push=AYg5qPLbSRkmSha9tfTdPeJm0ze5XZ2FwjGFflaCogwam5noVTXkCXNrPVZ_Z9MtA4VWRsLPW7Th64iqMqD18Tk0lgraU0D2seA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWJyYVVRQU1VckVLY0FCUg&google_push=AYg5qPLbSRkmSha9tfTdPeJm0ze5XZ2FwjGFflaCogwam5noVTXkCXNrPVZ_Z9MtA4VWRsLPW7Th64iqMqD18Tk0lgraU0D2seA
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWJyYVVRQU1VckVLY0FCUg&google_push=AYg5qPLbSRkmSha9tfTdPeJm0ze5XZ2FwjGFflaCogwam5noVTXkCXNrPVZ_Z9MtA4VWRsLPW7Th64iqMqD18Tk0lgraU0D2seA
Date
Thu, 16 Dec 2021 06:19:01 GMT
Server
Apache
Connection
keep-alive
Content-Length
390
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame BDCB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWJyYVVRQU1VckVLY0FCUg==&google_gid=CAESEOco14orfyTGONSBSe6kEl8&google_cver=1&google_push=AYg5qPIMGr6PnPn2cQgnhJdKosIIC8n9EK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWJyYVVRQU1VckVLY0FCUg==&google_gid=CAESEOco14orfyTGONSBSe6kEl8&google_cver=1&google_push=AYg5qPIMGr6PnPn2cQgnhJdKosIIC8n9EKHmxYL_OPJqLMuM8AFZc4XOK38KRIZKwoG8jmG5Bd5Pg8afX8FxJdrIeiDzI1Qbc04
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1639635542.690829,VS0,VE0
x-served-by
cache-lcy19271-LCY
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWJyYVVRQU1VckVLY0FCUg==&google_gid=CAESEOco14orfyTGONSBSe6kEl8&google_cver=1&google_push=AYg5qPIMGr6PnPn2cQgnhJdKosIIC8n9EKHmxYL_OPJqLMuM8AFZc4XOK38KRIZKwoG8jmG5Bd5Pg8afX8FxJdrIeiDzI1Qbc04
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame BDCB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPWw2ls8ZQV_ojPUAK0uEbo&google_cver=1&google_push=AYg5qPK6jzQJ-7jPp5UD23vBGMd8TCBXuHq4F5kzmYCjmum6C6-ivShZ_-PZ5lQNllmyJZ6_bOhUy7Ff4c7jtohhSFbzCUJTAg
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame BDCB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM22PQ0eIwaxW9eutxYBk-8&google_cver=1&google_push=AYg5qPKMxCHyje4jWEBwI1ExFdvkAvjJbwbI1pt6Bj9BYyEJ_IS516Rnv8mlbFFgB0GMC8nsvQXjzVEz...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk4NzQzNzcwOTA2ODI3MTY3OA&google_push=AYg5qPKMxCHyje4jWEBwI1ExFdvkAvjJbwbI1pt6Bj9BYyEJ_IS516Rnv8mlbFFgB0GMC8nsvQXjzV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk4NzQzNzcwOTA2ODI3MTY3OA&google_push=AYg5qPKMxCHyje4jWEBwI1ExFdvkAvjJbwbI1pt6Bj9BYyEJ_IS516Rnv8mlbFFgB0GMC8nsvQXjzVEz7IS143R0GUOT_uJNaWQ
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk4NzQzNzcwOTA2ODI3MTY3OA&google_push=AYg5qPKMxCHyje4jWEBwI1ExFdvkAvjJbwbI1pt6Bj9BYyEJ_IS516Rnv8mlbFFgB0GMC8nsvQXjzVEz7IS143R0GUOT_uJNaWQ
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame BDCB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM22PQ0eIwaxW9eutxYBk-8&google_cver=1&google_push=AYg5qPLyUfBw-1ESnwrHG6vjSb8EZqSkXdh9YLIg5ib9GKiCRYHWCz1mpp7n-jKMZLOzwGHJE2L_g-O_...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk4NzQzNzcwOTA2ODI3MTY3OA&google_push=AYg5qPLyUfBw-1ESnwrHG6vjSb8EZqSkXdh9YLIg5ib9GKiCRYHWCz1mpp7n-jKMZLOzwGHJE2L_g-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk4NzQzNzcwOTA2ODI3MTY3OA&google_push=AYg5qPLyUfBw-1ESnwrHG6vjSb8EZqSkXdh9YLIg5ib9GKiCRYHWCz1mpp7n-jKMZLOzwGHJE2L_g-O_yCWmpCmlZ87pR_507kE
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk4NzQzNzcwOTA2ODI3MTY3OA&google_push=AYg5qPLyUfBw-1ESnwrHG6vjSb8EZqSkXdh9YLIg5ib9GKiCRYHWCz1mpp7n-jKMZLOzwGHJE2L_g-O_yCWmpCmlZ87pR_507kE
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame BDCB
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FnTbRFG1QLWttSmNpBC4sg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FnTbRFG1QLWttSmNpBC4sg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIuizh9AZg1jfFo7lPApm4a0Cf1fzwJoqrfYgj6sdlzqP-UEKgvudmTgBvD7NiscCS45H94AShchnlS28-PeuYH5O3gpaI
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FnTbRFG1QLWttSmNpBC4sg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIuizh9AZg1jfFo7lPApm4a0Cf1fzwJoqrfYgj6sdlzqP-UEKgvudmTgBvD7NiscCS45H94AShchnlS28-PeuYH5O3gpaI
date
Thu, 16 Dec 2021 06:19:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
sync
ssbsync.smartadserver.com/api/ Frame BDCB 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEA9ZlzJTTO9-of-wDu5jhKo&google_cver=1&google_push=AYg5qPIuOSCNfu-X6cirYc8vpNoB4P7GmsbIzXca3Tf2Ra-US6ZoLQeUqujoI6FlxX5XQ3Xp2TKYNU1T7WG1bEC9yAacD_k5ChY
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.181 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:01 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame BDCB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IX8nCiIqsIiVwWbMu9FXgn8JNUVndezpEOfTZDz7ctyydQ_AC6SFoH71UkqDFB_Yvp0bU_
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame 7A84 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskqkh7-cOT8QjYlQR8RHxc9c7T3BD5nXcWNQ9kXC3luDaSHqwtkqNK5qea7Qun772liC6KY41AAhZXfE2xYdzxqA84uW6qsBHi6b1PHdETSJKaUn-Y&sig=Cg0ArKJSzL4dl8Prp7H_EAE&id=lidar2&mcvt=1169&p=551,1035,552,1036&mtos=1169,1169,1169,1169,1169&tos=1169,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=737230165&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639635540046&rpt=921&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0C71 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Wed, 15 Dec 2021 22:19:03 GMT
expires
Thu, 15 Dec 2022 22:19:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
28798
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame FDBF 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
73d1a396d2811e1352820cc9b38465b4c44dd93eeb08ae7ae5d119532c586847
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wokrTrf37yqLu4CaFK5kBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 16 Dec 2021 06:19:01 GMT
date
Thu, 16 Dec 2021 06:19:01 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-wokrTrf37yqLu4CaFK5kBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
action
www9.smartadserver.com/track/ Frame 7A84 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www9.smartadserver.com/track/action?sid=1639635540318&pid=1293733&iid=9639797&cid=0&key=viewcount&rtb=1&rtbbid=239924135312065920&rtbet=0&rtblt=637752323373435169&rtbnid=3727&rtbh=3278830e88321b2b5673a8ac4888f765411c698f&ts=1639635540318
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:01 GMT
transfer-encoding
chunked
content-type
image/gif
dt
dt.adsafeprotected.com/ Frame 1878 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=38080026-4eb7-277c-d0cd-03e33d544e64&tv=%7Bc:wWcR6M,pingTime:-2,time:720,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1409,beZ:1409,mfA:1860,cmA:1861,inA:1861,inZ:1862,prA:1862,prZ:1884,si:1889,poA:1889,poZ:1901,cmZ:1901,mfZ:1901,loA:2064,loZ:2065,ltA:2129,ltZ:2129,idA:1902,idZ:1945%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:120.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:120,h:600,t:479%7D,%7Bpiv:0,vs:o,r:l,t:610%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:720,n:610,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:479,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B158~1,0~0%5D,as:%5B158~120.600%5D%7D%7D,%7Bsl:o,t:610,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B111~0%5D,as:%5B111~120.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C163%7C1641%7C171%7C181%7C1821%7C191%7C1a.10933%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1a6%7C1a7%7C1b*.10933%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1f2%7C1f3%7C1g1%7C1g2%7C1g3%7C1g4,idMap:1b.771792ce-fbaf-ed31-f743-f9726433c57d.119_847999-57777460%7C1b*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:240,readyFired:true%7D&br=c
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B7D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzESpU9q6YfHdMpiUgQfD6qSYCgAAAAA4AeAEAg&bg=!pqWlpeHNAAZKWFskSlg7ACkAdvg8Wgtmy83wdK9asU3vb_mRzvbgdTYta5RdJxfhau4gEJhkkc0xQgIAAAJJUgAAAR9oAQcKACHh0cuJwDOBL_MbAqjYvSDgWzUXwunvKJC3cXAoOjK3FnmZAwRRRR1EAJDQ5ZUygcYUmIfY-Wl3VvncHacm_17KKhLDl4ZxBrzfTAzxS2ds1mFcCO9d1pC18WG0eqx2uo0hL4gjrP4Y6c4rC-1Pozv6UCw4Cpgpd_Y9U4-qO0lW2nIbO1XPC1SLTheunPjl7Ol1aBcF4IFz72c1297lUI557yoAc3J95F7b9M8RvLr2qUrvxhJVG0mn_ONQUdNJkUpAyllLpqrFfTEZuETFBW8E2e7zvTtjaMsQlqROkAaFEIWQq7bVv3AI06M4PU2HD6qbJGDqiRJ4h3G5q2VHATGoMg5gS0kisAQ_BDwnN4IQb_bUt4eJtUknItlNd6g40LSlDwynOopoK2mhr1EqduUxMFUigaGBEQ_ewUDaBzaP4vhWQuqO-FYPBfKBQOaAeVWvxeUTknt3028bWIscKvfSeecuZX9Gw93dXSKjrZyyYw-xv80AqQz4kk5gfGqrLIIDk4vEuVGfluqW9mX0PRSuHMWBCRZuHjrZxKcNtPSq_1ERqgWCh1snJULP4qA7sMTSoxhw1h5FUJW_03hCIcyF6xN884zcZkFZq488BBoK82w2oibaOc5ZYGKyeJ8xH2Oyy0LoAoFbfxE39NW16hrAjwBHbfzgjAQzz_6aiBsD2ue1BcAPlHGQIajn2rSRi5ynLP29gXNlD8_iPqrEpTWyOuh-Q3AM0f3QE3JnbpJ524ov46RgTGN9WENRIoiPoh_l3kA4GXuaiOgbd1NZOtcI-rJ21uDjVSDTw_93re_OHRyv_z7rucQgvCVLJ7iYeuIn62rus4GvTcGlomuXuhqiXB6sGOpL-phaDENtX71IkGQyY4jZVV0Rz3rSnJP3ZpOqcawuUjxZ7oOT4rrps5oNaJ-lVYLZRhwHV-rHzIWn9_b7QUS1_zG-hRqOExsn4sqq5nttW2cHY91PpVwO5kRVBvWMYuGbfGoVusKhBQscM8ICnia5NW6ne00EkcYAmSiAqIA2arPa4cHtxiHz_KWGi55BzyR66YDMdt0EQtou2Rl9NiU9SfWN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ipv6.adrta.com/ Frame C088 		133 B
302 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ipv6.adrta.com/?callback=_1639635542231
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:b4f:4b03:4fa2:7755:ddb4:2837 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 / Express
Resource Hash
f318c2d9794514096e78e669683ed1baf7e6ae5a1e257d1761ec73680f4ca86a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.10.3
x-powered-by
Express
etag
W/"85-kDP0qHPD0JzQlYZUTvYm2YgtSyk"
content-type
text/javascript; charset=utf-8
i
adrta.com/ Frame C088 		144 B
323 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adrta.com/i?cb=35377816&__aasv=22.91&__aaii=5021895405631168010&__aait=1639635541010&__aavz=0&__aaib=1&__aaai=1&__aaaa=0&__aafl=1200&__aaaf=1&__aaag=1&__aahd=%7B%22chrome%22%3A1%7D&__aarf=3&__aart=3&__aacd=1&__aaax=0&__aaay=0&__aasz=300x250&__aapf=0&__aaec=4&__aaup=1&__aaae=0&__aaat=0&__aaav=0&__aaas=0&__aaah=0&__aaph=0&__aapw=0&__aapc=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=1639635537349&__aaxf=89.238.142.214%2C%2010.1.1.64&__aaci=ss&paid=ss&avid=112053&caid=1895699&publisherId=3727&kv5=&plid=5473103&segment=3288&kv4=89.238.142.0&kv14=&kv1=300x250&siteId=363584&kv7=64&kv15=UNKNOWN&kv16=&kv17=&kv18=&kv24=WEB&kv22=&kv11=61bada5100c25e5b03560040&kv3=&kv55=1.0,1!smartadserver.com,3727,1!centro.net,64,1&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.93+Safari%2F537.36&kv2=https%3A%2F%2Fnationalgeographic.grid.id%2F&__aapu=https%3A%2F%2Fnationalgeographic.grid.id%2F&__aapr=&__aatu=https%3A%2F%2Fnationalgeographic.grid.id
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.27.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-27-65.compute-1.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
b1c56f199c51aba42751d11e1df29feac165e5e8f93c7bacaddc72eebaa4c8ed

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
content-encoding
gzip
server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
vary
Accept-Encoding
content-type
text/javascript;charset=ISO-8859-1
cache-control
no-cache
content-length
101
expires
Thu, 01 Jan 1970 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 1878 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=847999&asId=771792ce-fbaf-ed31-f743-f9726433c57d&tv=%7Bc:wWcR7n,pingTime:-10,time:1382,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1639635541397%7C%7C1126110a82113229412c044453873b3b%7C%7Ca2fdad25d911a8a4b39828759d282361%7C%7C4842ffd038a262dc54a35f1ae8b7b3a6%7C%7C31335c88478c0b9ed28d0f1cee1c9ed3%7C%7Cbe633ee808a8ec7c3f3aee8487369bbc%7C%7Cfe5b338465bfae44c2e54e2063f04854%7C%7Cb30e0650da36596a646df1950953919b%7C%7C1629390669,sca:%7Bspg:21cb7ad4-e139-178b-bb70-42f64639faa3%7D%7D
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 1878 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=38080026-4eb7-277c-d0cd-03e33d544e64&tv=%7Bc:wWcR7t,pingTime:0,time:763,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:120,h:600,t:479%7D,%7Bpiv:0,vs:o,r:l,t:610%7D,%7Bpiv:100,vs:i,r:,t:762%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:762,n:610,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:479,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B158~1,0~0%5D,as:%5B158~120.600%5D%7D%7D,%7Bsl:o,t:610,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B152~0%5D,as:%5B152~120.600%5D%7D%7D,%7Bsl:i,t:762,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~120.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C163%7C1641%7C171%7C181%7C1821%7C191%7C1a.10933%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1a6%7C1a7%7C1b*.10933%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1f2%7C1f3%7C1g1%7C1g2%7C1g3%7C1g4,idMap:1b.771792ce-fbaf-ed31-f743-f9726433c57d.119_847999-57777460%7C1b*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
css
fonts.googleapis.com/ Frame E97F 		662 B
351 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Aleo:regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61908895/20211004062523303/ADVERT%203_MSC_DigitalAd_DownloadABrochure_skyscraper_120x600/index.html?e=69&leftOffset=0&topOffset=0&c=cpwSHRh1bb&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c652842123aa68b6a963cbd5c40dad40189cf9ab8809894e44ca0f271bd95f0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 05:26:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 16 Dec 2021 06:19:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Dec 2021 06:19:01 GMT
/
ipv6.adrta.com/ Frame 306D 		133 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ipv6.adrta.com/?callback=_1639635542253
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:b4f:4b03:4fa2:7755:ddb4:2837 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 / Express
Resource Hash
51eb7210023b3d8b0c3103b4bb11fc699f48f87adb74f44bf82ced2793f1a5d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.10.3
x-powered-by
Express
etag
W/"85-bp6+yP2/Oa+nUpfGsxyY8SH11Bo"
content-type
text/javascript; charset=utf-8
i
adrta.com/ Frame 306D 		144 B
322 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adrta.com/i?cb=74166575&__aasv=22.91&__aaii=7911890002315598635&__aait=1639635540997&__aavz=0&__aaib=1&__aaai=1&__aaaa=0&__aafl=1200&__aaaf=1&__aaag=1&__aahd=%7B%22chrome%22%3A1%7D&__aarf=3&__aart=2&__aacd=1&__aaax=0&__aaay=0&__aasz=300x600&__aapf=0&__aaec=4&__aaup=1&__aaae=0&__aaat=0&__aaav=0&__aaas=0&__aaah=0&__aaph=0&__aapw=0&__aapc=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=1639635537359&__aaxf=89.238.142.214%2C%2010.1.1.64&__aaci=ss&paid=ss&avid=112053&caid=1895699&publisherId=3727&kv5=&plid=5525409&segment=3288&kv4=89.238.142.0&kv14=&kv1=300x600&siteId=363584&kv7=64&kv15=UNKNOWN&kv16=&kv17=&kv18=&kv24=WEB&kv22=&kv11=61bada51e73535c003580040&kv3=&kv55=1.0,1!smartadserver.com,3727,1!centro.net,64,1&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.93+Safari%2F537.36&kv2=https%3A%2F%2Fnationalgeographic.grid.id%2F&__aapu=https%3A%2F%2Fnationalgeographic.grid.id%2F&__aapr=&__aatu=https%3A%2F%2Fnationalgeographic.grid.id
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.27.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-27-65.compute-1.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
b1c56f199c51aba42751d11e1df29feac165e5e8f93c7bacaddc72eebaa4c8ed

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
content-encoding
gzip
server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
vary
Accept-Encoding
content-type
text/javascript;charset=ISO-8859-1
cache-control
no-cache
content-length
101
expires
Thu, 01 Jan 1970 00:00:00 GMT
csi
csi.gstatic.com/ Frame 33CA 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kx8knzzt&c=6396223262968&slotId=3198111631484&qqid=COeA8a7W5_QCFfvAuwgdC9MEKQ&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=928&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=18&vhc=0&msm=1&aits=17%2C36%2C18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C45%2C46%2C0&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4001:81b::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
u.openx.net/w/1.0/ 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.221.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
content-encoding
gzip
server
OXGW/16.221.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date
Thu, 16 Dec 2021 06:19:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156479
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTY3NERCNDQtNTFCNS00MEI1LUFEQjUtMjk4REE0MTBCOEIy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAMIkFQJ3Y-FS0eolCGfj8Q&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Thu, 16 Dec 2021 06:19:01 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:563
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Enabler_01_247.js
s0.2mdn.net/879366/ Frame E97F 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61908895/20211004062523303/ADVERT%203_MSC_DigitalAd_DownloadABrochure_skyscraper_120x600/index.html?e=69&leftOffset=0&topOffset=0&c=cpwSHRh1bb&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61908895/20211004062523303/ADVERT%203_MSC_DigitalAd_DownloadABrochure_skyscraper_120x600/index.html?e=69&leftOffset=0&topOffset=0&c=cpwSHRh1bb&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 03:01:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11853
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Dec 2021 03:01:28 GMT
f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
pagead2.googlesyndication.com/bg/ Frame 368A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 20:49:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
34172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13559
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 20:49:29 GMT
c4mv1nF8G8_swA3J0Q.woff2
fonts.gstatic.com/s/aleo/v4/ Frame 733E 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/aleo/v4/c4mv1nF8G8_swA3J0Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Aleo:regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c661089dddb9797c4617a25a50e392b2c04d3e25911d476e1d55a28e1559fe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 07:50:55 GMT
x-content-type-options
nosniff
age
167286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 03:49:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 14 Dec 2022 07:50:55 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A363 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuK-wrz6H_FiYWn7zsr96vXYHkCrLglGlJk1yIVfb9LqsulREpFPLPAaRfDA3GtFBOQqd0iXXmZ8UF6kR3_N0Ze7_tokr85B-AMpwHAcMroZNWb1tldcw&sai=AMfl-YRQeAT8-Nv_PDP9g_xpu27SPtATQEN5Rj66J_MqDae29IYHrMhjx3L_1lK7qOjPgXl__7HiIUvvpGkrNgKWB5-aWCr-1sFsOSY4QlkzysL868GviyIZZ3pkULY&sig=Cg0ArKJSzI8v8auN_QZpEAE&cid=CAASEuRofSA57zkT0eZZVoBOh791kw&id=lidar2&mcvt=1028&p=65,130,665,250&mtos=663,1028,1028,1028,1028&tos=663,365,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1032357103&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639635540067&rpt=1234&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
pagead2.googlesyndication.com/bg/ Frame 446C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 20:49:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
34172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13559
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 20:49:29 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 97BF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZihXU9q6YcmTNPn_7_UPpaCQuA8AAAAAOAHgBAI&bg=!c3ClcDTNAAZKWFskSlg7ACkAdvg8WvbgSzgwvoLG_EUUZTCIANT8ZoCS8IbiDVKpZ71MeedkryJKqAIAAAPzUgAAADBoAQcKAGJMFC2xdZqIc9SAh3uQWco6k7ZL5h5mRA-P_RQwu0wgD5s1ys2ME6bZNMBro1Elt_ebKEIQbicpKddlUxZvE8Q1GTkvsiOhiIdLsXF3gVJVItIt3Z3LllEse49et0GwfStGn5kDGGhq1No9I9hilPSbRbPEzU01uRt7Yi5jqe4syC_teOqfR2zQmsBrvhxB6uzKhiQjZ240KqziyCaOoGxr1MZF5SSqyTkhm1SmLlaMcOc-c1gKeGs3Js4CutJz2vwPGB6OdJeafz6Tk8JTnyJJrJlQFvPaWgkiEgFhfiBtwZGxGOZ0kCj7kpAh5nalWZELOma4mJsIt5uZuyEDsKDCcVsj4LQkHrHLJIGHW0rQa6q4CdP3JIdD8fOIPm1eB6s7s9QPScBAleOjRSU2brnODJ2OoDp9c9_wJFKc9XSVEW2C63SOL_T_JtUc7EvWl_QKwgPAk0_WGM0K2N4cmYfVOYOWS_JwCKIrUmDFjwhwatXF1hRj_ue7z97rF1lJ7qx_--AHi6hR4QguzRRncwhXRBFYkcG58zYLPNGexxwIlmjzXlth4fKAJ98fR8PAjltUQtAhQymCy7f342lrc7w1esw-rFW9QQLxV4KQSQvL5bjG0skSauBZ2eb9mXAGSWbwQdkDqM3Ckn0YyL1N3jK1uuOlGZyCTf_xtv1O6eov3q_Apf2ICvW_FTGP5mWWAnyAetPziHXS46pY1oiRp71VpcVTmY5iGZeyQeULfrHFIogx5VEhpUIFai6F11c7LMFTHfDZazYuwJk_2CX5MXBC1xQwwk1ZRuxlmiex0Ruu0yAZZ0upoypu4YRYAbryKIaRYuYLBBZz_OU9NlhqlDk7qL5FrkwYFzmAwin1AbEvLsCf76KB4EGd_MxxcBCtUT8W8uye21f9ksOS0Mvj4vDHw3rFB38yzX87cYi8HoZOmig9MOLOcl3m-Qcdd9UE0B12nVHJ9edlEcSY-DeTExaHKKdLTURn9e-HYd7wM9d4ZpmYInsSPVCBT0bb0wZH5Hhg04jqXSbqmhxsF1w-4eTMesJ2YK5DmlDQuUuKKhjxr-XwadkEbiHBYC2ny32epqjYC3mMFPQguwNJ5wTPqax1QFIonav5Xgob2B6cHoIdKWNuI4ev9KFNLBD4bq1ZLrIK40DqvXOMVX7B9HZy4ia0fmAy8wLKS5Iw3_5C4A
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
pagead2.googlesyndication.com/bg/ Frame FC7A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 20:49:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
34172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13559
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 20:49:29 GMT
BDR.png
s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/ Frame 7BE8 		289 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/BDR.png
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa3b7d107cf98e81e9653443b6907aa7921fe7f0fded1518db5aa0fbf1a48f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 07:08:55 GMT
x-content-type-options
nosniff
age
83406
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 16:45:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Dec 2021 07:08:55 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 306D 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuUG6wKD2daM-SvsyYO0VCJ_mXMGfgPKIi_PXTPAF0xg_uIIEDYaZHmcmvofyOpAmXAbWXzY-Jdp9p9h8l3j7hxssRnWDUH-eWUdfrd-rHr9nxaAwEYLarJODm18l0o_2gGu3imoo2w9P4hFvkcfwcIQd_Nl7zp_aqTJUZKNw&sig=Cg0ArKJSzGtdtUVEvTFCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=965&vt=11&dtpt=707&dett=3&cstd=256&cisv=r20211207.65024&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nationalgeographic.grid.id/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 16 Dec 2021 06:19:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame E767 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGaS-U9q6YcHFNI7m3wOV4ZzQDgAAAAA4AeAEAg&bg=!Dg2lDUnNAAZKWFskSlg7ACkAdvg8Wm8IRZTdBTTgcBeEkvIoJWEMKZP6ZwtOLXKHfV9ysl-KxzzVFgIAAAQKUgAAADtoAQcKACyHh7zGkibN3frCorUfhfmHRtyfi6yBU_Aww94PFHZ_XSgtRcQWreRhnIXYppkDGnvDl36Vn2G1PL3amAv06wzjA257vC25iXqogxx8FarZ7c0ZHXuFB_lDdOZVeFgHUOk7nAS-KA5WotvO7jP-BuMFGk0i8h8dpAskyRrOS-Z6hSfUjY1VqNjmw0aoFVqNKntjm75rSgjTT0iuXQAZFrE_QY9BZAzM07bsvosFD9PSP9b3LCR7wTcudHkV7VMGX8ww1n1jIW1tGuZc2sVfvlZj8kvV1dXkFzj4q8TYNm2U3KyINWSGkbJXydkt3tyoKW5_TTrW3GEYSWjFkCoUXLEsbRIW8QJuqxzkzs9ObDLz7O0Qbst1ZvlwofquSa-meYQ3EXhvPAzH8L8vscA9NnRK16eRBNR172yO7Ci1VeujPe7kdmMoTj83e1YdTlEzTElQNprfHLefwC3RPJBNEi0fwbEP6xN01kmpadEcGzjNHIPqjrs1Nkdi9AJ3ymXYhExVfk3k52hFL6wK0-9fzGy49kBt7yzkq9za4W1WsYepLdo04NXwDD33NMTCB4d2WfxJJLlqf5lkAzAtgzBas6hrI2pjnoiuA1o6_DYBdvORSl1zy_85sNeY23CbM7j8lfHZtSdVkuQwVeJ817Q1xrlDdUQVtIqONgu-wm6G1B4ZCUzdcXDWoxhWMNXR2LYzwmEvwDRVt0ct8t25AeIxFiwi-prh2jsatLbbIG_R_Tp73byi9N39Fr3J8bYRaGoC510MykYLrqkcGr0GVdHMntS7pl8g2VwqqZjbp9DjuQ9Cw_cy2aW-R7VNNP7vIY76BNotaxnH0dtCokKXTAMSg1j4spNRXuT4h8kmAaVE9FRCCFMvnUwKEeYW5V2qabMGYZgEmaiEW8IZoopGOu7TlCOqwOTRxywxRW0uuiHP3xS4yFxyrlyvYT9z29F8fuEDtSJ6iXmFCubpho12lV_HPf6qCupm5RKPv1QeZAwlTF7mG71u0V6NUX8xI4KhpF-px4yexkp7mwXmT_zn6EBNH2gqHroalSsUcTRad2tRa4aJXr7suxqlHXz5E5dNup64SXcy18Ky4kx0PLdTcTtJddYGSQxRjmSBSSV2
Requested by
Host: ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
URL: https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
pagead2.googlesyndication.com/bg/ Frame D784 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 20:49:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
34173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13559
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 20:49:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FDBF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=1978616448361754&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0286 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3yuDU9q6Yfq5NMuR-ga9uYygDwAAAAA4AeAEAg&bg=!3N-l35vNAAZKWFskSlg7ACkAdvg8WqoL464ZifNpavmHccqiGjwF7UGQ9h6CW2R60wjNVHfQXB3k_wIAAAO5UgAAAEJoAQcKAI06BDkeMmXlu8CNcCxOE4gfr_KNrl2eI3g3aDu9kLqtfy7OQzM2VsKIXcHHja7dry7ZIAXU1R5ua6broMHulcwmLfYWxkEVkC6F4Gr5swgnRAGAlSIu6Zt7K7pClWP0fgfP9QeiqAwP3qJ8R58hGJXdJ2ZbtXzIjjQ_RwMW_a9i8meY_OhcB9Sne_Rfx22ZAv2H3u6kZgbIOTV9hnzR7yg3aiGPxxW2S_pbBJCFrPstvUDWTUtGL44nKZhJ3HcN4vkjrYikp8uIyUcpucGT2BhYPeez3_9OasAp_3zzVSjVBKarzWZ9d4cdE7wdDGrO6caomSgsoePw_-J3YMMqGaV6JFH7wjnvRlKyWhJGunnUyHN9W3Uu9a8FimSJhiGvklZHeQMfuOyJQfjqgHfjRdq2qz0hxXM5H6MySIIpUgaJZjO6qoxVyqC30vHO_Epyic3yEOtRkK1QOcXh3Dp0wuEu8DH8hxAcE8fR318fs4W_-hXxmIbM8WGG7zOfbjTYFT-KW-mwC7uoo2H0eixTQjgSwJZKlquibx4xpUWnGIransYcrAXppxp_fCybJN16bhcVnj33dxa-NxmyRGuj2H4cGoSIeOsOaIoN3rSWNI0Lnu_kxnup7_Tc-NoIZ6ITdCpFPtvxoslx5j7WmpWdExgXGQtKz4m4LszbLLsEl_dWeLmNpcHKM84KUv1mLzFQmuMYDBYOXO1n-vs1UUvyfJ6ErfGIaFkpAVxFXyHgx2n2nicyN637mKWU7aLs1r3D9eNQqIi3SLrQTOwPagvgR7akpABU42FcpQHmccR-fEE6jxJyGmGNIlS-_8uXyWK50bmpn_86WfKPQsClr-d7a-EBwznENV3MKDhMxS_ItmDKDjZWsswr05RNZkROuFG1rpi-N_ihQ_LT1E_IRmu4JmF5WkO6SlV4udEUwjsVe3BDXLIuiVcfhNz2L4seHtorzK5g-3zWMhKab93w92XpJDMIT3qJYdyZLywRxp-MEudnz5rUOvAngVPSE9qremziGbCOQnoi1XkzzBR5MfZyqPG1_RxVAU5NDrcAb2PWFJZ7EF4B6V3NMGFNILObknrAxBxN0G3Ig5m_Od1rCJeGReV04GFtx2zgUSYEA3zlBHxaAr62AYfpVT-pQk85U-ixLt6_fqfXH-7M8lxwMu0hyJqFVXTF4JpgVj77gX13iE1Hv6kBYrx_AaTL2em7gWs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c4mv1nF8G8_swA3J0Q.woff2
fonts.gstatic.com/s/aleo/v4/ Frame E97F 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/aleo/v4/c4mv1nF8G8_swA3J0Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Aleo:regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c661089dddb9797c4617a25a50e392b2c04d3e25911d476e1d55a28e1559fe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 07:50:55 GMT
x-content-type-options
nosniff
age
167287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 03:49:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 14 Dec 2022 07:50:55 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A363 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsugZQxudbX0NXCmDs2UB7oNJFL5-cX0xzGSa_odGGriIfAgpzKoPUIlTtPjY_H5ul6UENFwyrLFHWKDdOxpAj8MGT_ldyOOaxzb2bBKLIzWmpS_MShew_A1ubDgmE8PcqaNpis9BPDPKOksUUwmOE5CKRLCNjCT8zb9hQ&sig=Cg0ArKJSzBlclN3bRPWIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1231&vt=11&dtpt=875&dett=3&cstd=349&cisv=r20211207.47324&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 16 Dec 2021 06:19:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A22 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BtLozVNq6YZaBDJCHzAbAzJzAAQAAAAA4AeAEAg&bg=!lZalltLNAAZKWFskSlg7ACkAdvg8WiZqLM7Pu4vM0zTKrk8PL5u29F1MFUiH2aadZPFJDZiSMlItzAIAAAOiUgAAALZoAQeZAwois3-fpQTyQT_EvvZJOt6Zh9GRkLhjltyH2e4YJp9zJ9NH-YkKNpVFd3mURDaniQNPigHVi2NXBJNzjdEhFn0VujvcY-85_XBkVgP67FI5z_4RtznqI0VEYuy3xA_o7hwsiCpWT1i8319_U4IgELWqK6Yk42h5gGJryJMb7gAdzGXbuMC5A0lTfLbCj7BLtQj6VKQDaBJNx4RtB5MpzDt0kvvuEix59pjz-LRxRCwbq-ndo4L_vb351eFM57aQJVQnWUJ50ol4jR8jL5gyqtmFwSWZl7vIj_zKNqKgdsQtv4-PjTip4w5lTs3BfjomnPkPdK3-suyetxXvpDah62NxlNIJqmTy6IJroUuBYQQczO18Cca5R8nM5KS5k4j9YKzREjlrVqUTfwwObb8zwwWRPvnokLUSiYeazWBlm57PuPWy4-_9vrBE7fR3zDdyhvjjRg4qhVWpZuc9TmK-v5vsKOLCIi6LuqdxjwEAImZw-gSWjV7zJwfNSrUnf5RzB5filRKk407D7Ys_q15qvUhI0XJm4ZCKBtWWFIxqzgoyhUy5uVnBZbg6fIfCFBcUtZ8FIZeHbfFrm9W8s3EXMqvNwxiJkIVNTTxIGAGWqSe3kKquaZPh7o9zIRpfTJMHzPDJ8NV43n6xSjkWFRHz7PF3ShisMTQOnm473XxJz2zqSK1MbXUrUxv_O1NMIQ_LQuHIp-JnFOqhT7_UnZITs8pA9ll8olVF19lqxp_D2eftr62BkgJIDt4A1S6xgyU7oRifaDLOqJYqh3FCebQDWIlqoWlssDoHqlBeXtZri8YrsJogdYtOXq7zUF_LWtFECPAG_5S3xa6owLP635ImemgKcfg00sflXYvcSSIJEfDBP5Zu6YLpiyjRd16RXRJNAt7DBeeVt3-yMIkocji0PzTCaWQ-VEcF32MAh0Ekh-ZyR_ydkfg-A2-7ceLA4IGfSgsrIVc_SXw_MAe0TT9O62xrDR_rbz9rJDiowYMVBf1SftzIXYAK0TInx0v9xsWjlDuiIq29eTk78Yjr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ICO.png
s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/ Frame 7BE8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/ICO.png
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a83407132ce4f1d062c40d7203be3b773f57ea6cabda69775a9fcc7e43878ae7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 07:08:55 GMT
x-content-type-options
nosniff
age
83407
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2701
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 16:45:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Dec 2021 07:08:55 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1878 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstL0n_Xt9mhC_Y-Fh3cBa3skqBwHpZoLeaQjk3GYIU7zBDcvKVKMHcGO2fyTvXayJgdsb4gwoPZgoRhzQuGfj6LnWYn8-BoIInCC_MiKySyHuEYOKIIMg&sai=AMfl-YS3j_Xd7B1Ef9OkIu_9nOc9jfhvTurNz4ZvBAcL_CzI3F2vGy2pzJt_lns94SJSXsXWUoQzgD2-ytCLMq7cUuarD2EdMxMQhabWJJ2fOVO5ZvOUW0bWM05Ac_Y&sig=Cg0ArKJSzKsPAMbcmQN4EAE&cid=CAASEuRo7VVAohsyDiFoxGqg0uqDYw&id=lidar2&mcvt=1019&p=65,1350,665,1470&mtos=720,1019,1019,1019,1019&tos=720,299,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4242047388&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639635540071&rpt=1428&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1878 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvlz_6EIIqPcyN5WY25xSf0oSOp62IW94SWrQRlwXNNbwtHmIC0y6wVMu90wge3DoCW2phNGVn6AIG_LpJztNdpX2bbu8uYbUIyyP2kOeNVnU_-R1iVSjG8_WGbTeVdbRHRpd1QuLJAWXly52xpJYcEnPAP1UrnizQjQQ&sig=Cg0ArKJSzFoRJ7i_PszqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1151&vt=11&dtpt=880&dett=3&cstd=267&cisv=r20211207.78967&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 16 Dec 2021 06:19:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 733E 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e45b024847c77de06437f176271bb24b23a8eda27a2075df36f0679b1601db5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Dec 2021 06:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4449
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame E97F 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5258e4a55743e27828105d682d011e87d9e85070aeb318542237dcd35ee0fdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Dec 2021 06:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4450
x-xss-protection
0
IMG1.jpg
s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/ Frame 7BE8 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/IMG1.jpg
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
883705df2ab83eb05ffa24d24ed74f45320ebdee2792896192accd4f37ac56cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 05:23:35 GMT
x-content-type-options
nosniff
age
3327
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21259
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 16:45:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Dec 2021 05:23:35 GMT
MSc-GENERIC-download_a_brochure_CTA_Skyscraper_120x600.png
s0.2mdn.net/ads/richmedia/studio/pv2/61926762/20211005053703330/ADVERT%202_MSC_DigitalAd_DownloadABrochure_skyscraper_120x600/ Frame 733E 		201 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61926762/20211005053703330/ADVERT%202_MSC_DigitalAd_DownloadABrochure_skyscraper_120x600/MSc-GENERIC-download_a_brochure_CTA_Skyscraper_120x600.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1709ddd58f038e7855aaecbbcf57aa20bfa77979437b6e263e6ca5b1037aa77e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61926762/20211005053703330/ADVERT%202_MSC_DigitalAd_DownloadABrochure_skyscraper_120x600/index.html?e=69&leftOffset=0&topOffset=0&c=Ojza5ph9n4&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:02 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205833
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 12:37:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Dec 2021 06:19:02 GMT
b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
pagead2.googlesyndication.com/bg/ Frame 0C71 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 16:07:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
51121
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13622
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 16:07:01 GMT
MSc-FINANCE-download_a_brochure_CTA_Skyscraper_120x600.png
s0.2mdn.net/ads/richmedia/studio/pv2/61908895/20211004062523303/ADVERT%203_MSC_DigitalAd_DownloadABrochure_skyscraper_120x600/ Frame E97F 		286 KB
286 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61908895/20211004062523303/ADVERT%203_MSC_DigitalAd_DownloadABrochure_skyscraper_120x600/MSc-FINANCE-download_a_brochure_CTA_Skyscraper_120x600.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a82fcf5be37b7fa1ca3f1c60e307f1080e42af617bbd85696e95613a97d53ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61908895/20211004062523303/ADVERT%203_MSC_DigitalAd_DownloadABrochure_skyscraper_120x600/index.html?e=69&leftOffset=0&topOffset=0&c=cpwSHRh1bb&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:02 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
293096
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 13:25:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Dec 2021 06:19:02 GMT
dt
dt.adsafeprotected.com/ Frame 1878 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=847999&asId=771792ce-fbaf-ed31-f743-f9726433c57d&tv=%7Bc:wWcRfN,pingTime:1,time:1904,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:120,h:600,t:33%7D,%7Bpiv:100,vs:i,r:,t:822%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1082,o:822,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B814~0%5D,as:%5B814~120.600%5D%7D%7D,%7Bsl:i,t:822,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1082~100%5D,as:%5B1082~120.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:304,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C171%7C181%7C191%7C1a.847999-57777490%7C1a1%7C1a2%7C1a3%7C1b*.847999-57777460%7C1b1%7C1b2%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1g1,idMap:1b.38080026-4eb7-277c-d0cd-03e33d544e64.121_10933%7C1b*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 1878 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=847999&asId=771792ce-fbaf-ed31-f743-f9726433c57d&tv=%7Bc:wWcRfO,pingTime:1,time:1905,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:120,h:600,t:33%7D,%7Bpiv:100,vs:i,r:,t:822%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1083,o:822,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B814~0%5D,as:%5B814~120.600%5D%7D%7D,%7Bsl:i,t:822,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1083~100%5D,as:%5B1083~120.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:304,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C171%7C181%7C191%7C1a.847999-57777490%7C1a1%7C1a2%7C1a3%7C1b*.847999-57777460%7C1b1%7C1b2%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1g1,idMap:1b.38080026-4eb7-277c-d0cd-03e33d544e64.121_10933%7C1b*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 733E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Thu, 16 Dec 2021 06:19:02 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E97F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Thu, 16 Dec 2021 06:19:02 GMT
IMG2.jpg
s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/ Frame 7BE8 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/IMG2.jpg
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e02c5a07af7159ee00ded176a6753a09d7a0a59edce22510dbd54d7b965d642d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 05:23:36 GMT
x-content-type-options
nosniff
age
3326
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22020
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 16:45:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Dec 2021 05:23:36 GMT
IMG3.jpg
s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/ Frame 7BE8 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/IMG3.jpg
Requested by
Host: nationalgeographic.grid.id
URL: https://nationalgeographic.grid.id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a75f2f4103ce31516602d259d0ae404734adfed5f454e51f52235a51471e2211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10848750/1632242711961/21-TLG_PALANTIR-004-Display-Millions-300x600/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 06:41:16 GMT
x-content-type-options
nosniff
age
85066
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28264
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 16:45:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Dec 2021 06:41:16 GMT
dt
dt.adsafeprotected.com/ Frame A363 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=572a99ac-20b0-1b31-b2ae-ddce12007fc3&tv=%7Bc:wWcRiB,pingTime:1,time:1650,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:120,h:600,t:524%7D,%7Bpiv:100,vs:i,t:613%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1650,o:0,n:612,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:523,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B123~1%5D,as:%5B123~120.600%5D%7D%7D,%7Bsl:i,t:612,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1037~100%5D,as:%5B1037~120.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:291,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C163%7C1641%7C171%7C181%7C1821%7C191%7C1a*.10933%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1a6%7C1b.10933%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1f2%7C1g1%7C1g2%7C1g3,idMap:1a.21cb7ad4-e139-178b-bb70-42f64639faa3.101_847999-57777490%7C1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame A363 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=572a99ac-20b0-1b31-b2ae-ddce12007fc3&tv=%7Bc:wWcRiC,pingTime:1,time:1651,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:120,h:600,t:524%7D,%7Bpiv:100,vs:i,t:613%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1651,o:0,n:612,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:523,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B123~1%5D,as:%5B123~120.600%5D%7D%7D,%7Bsl:i,t:612,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1038~100%5D,as:%5B1038~120.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:291,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C163%7C1641%7C171%7C181%7C1821%7C191%7C1a*.10933%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1a6%7C1b.10933%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1f2%7C1g1%7C1g2%7C1g3,idMap:1a.21cb7ad4-e139-178b-bb70-42f64639faa3.101_847999-57777490%7C1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame A363 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=572a99ac-20b0-1b31-b2ae-ddce12007fc3&tv=%7Bc:wWcRiC,pingTime:1,time:1651,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:120,h:600,t:524%7D,%7Bpiv:100,vs:i,t:613%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1651,o:0,n:612,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:523,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B123~1%5D,as:%5B123~120.600%5D%7D%7D,%7Bsl:i,t:612,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1038~100%5D,as:%5B1038~120.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:291,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C163%7C1641%7C171%7C181%7C1821%7C191%7C1a*.10933%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1a6%7C1b.10933%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1f2%7C1g1%7C1g2%7C1g3,idMap:1a.21cb7ad4-e139-178b-bb70-42f64639faa3.101_847999-57777490%7C1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 1878 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=38080026-4eb7-277c-d0cd-03e33d544e64&tv=%7Bc:wWcRk6,pingTime:-10,time:1546,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1639635541397%7C%7C1126110a82113229412c044453873b3b%7C%7Ca2fdad25d911a8a4b39828759d282361%7C%7C4842ffd038a262dc54a35f1ae8b7b3a6%7C%7C31335c88478c0b9ed28d0f1cee1c9ed3%7C%7Cbe633ee808a8ec7c3f3aee8487369bbc%7C%7Cfe5b338465bfae44c2e54e2063f04854%7C%7Cb30e0650da36596a646df1950953919b%7C%7C1629390669,sca:%7Bspg:21cb7ad4-e139-178b-bb70-42f64639faa3%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 306D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUM9bkETaS0wRasqgNQ0tSD5SvSJhXebQuoXWRRIuTkC84sO0eGs1zMuWYRs6QSgXkXhKsNXb66JvnAsbVSR3RQmww1LVZ4yU&sig=Cg0ArKJSzAmLYBFCerHTEAE&id=lidar2&mcvt=1039&p=0,0,600,300&mtos=1039,1039,1039,1039,1039&tos=1039,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=34&adk=3381709067&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639635540803&rpt=1327&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A363 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrL75aOVXb2AZjSxGJbE_6rus3xyjB8L1JevsxGu8C6TvM2R1gi7L0zN2vFiLnfru0A-SsBl6f60cJL4YKXX1kP0RynCir&sig=Cg0ArKJSzIfr2HVK9aQ8EAE&id=lidar2&mcvt=1046&p=0,0,600,120&mtos=1046,1046,1046,1046,1046&tos=1046,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=3944675606&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639635540067&rpt=1993&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
pagead2.googlesyndication.com/bg/ Frame 08E6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 16:07:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
51121
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13622
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 16:07:01 GMT
b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
pagead2.googlesyndication.com/bg/ Frame 281E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 16:07:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
51121
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13622
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 16:07:01 GMT
dt
dt.adsafeprotected.com/ Frame 1878 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=38080026-4eb7-277c-d0cd-03e33d544e64&tv=%7Bc:wWcRnR,pingTime:1,time:1779,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:120,h:600,t:479%7D,%7Bpiv:0,vs:o,r:l,t:610%7D,%7Bpiv:100,vs:i,r:,t:762%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1017,o:762,n:610,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:479,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B158~1,0~0%5D,as:%5B158~120.600%5D%7D%7D,%7Bsl:o,t:610,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B152~0%5D,as:%5B152~120.600%5D%7D%7D,%7Bsl:i,t:762,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1017~100%5D,as:%5B1017~120.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:222,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C163%7C1641%7C171%7C181%7C1821%7C191%7C1a.10933%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1a6%7C1a7%7C1b*.10933%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1f2%7C1f3%7C1g1%7C1g2%7C1g3%7C1g4,idMap:1b.771792ce-fbaf-ed31-f743-f9726433c57d.119_847999-57777460%7C1b*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 1878 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=38080026-4eb7-277c-d0cd-03e33d544e64&tv=%7Bc:wWcRnS,pingTime:1,time:1780,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:120,h:600,t:479%7D,%7Bpiv:0,vs:o,r:l,t:610%7D,%7Bpiv:100,vs:i,r:,t:762%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1018,o:762,n:610,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:479,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B158~1,0~0%5D,as:%5B158~120.600%5D%7D%7D,%7Bsl:o,t:610,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B152~0%5D,as:%5B152~120.600%5D%7D%7D,%7Bsl:i,t:762,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1018~100%5D,as:%5B1018~120.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:222,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C163%7C1641%7C171%7C181%7C1821%7C191%7C1a.10933%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1a6%7C1a7%7C1b*.10933%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1f2%7C1f3%7C1g1%7C1g2%7C1g3%7C1g4,idMap:1b.771792ce-fbaf-ed31-f743-f9726433c57d.119_847999-57777460%7C1b*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 1878 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=38080026-4eb7-277c-d0cd-03e33d544e64&tv=%7Bc:wWcRnS,pingTime:1,time:1780,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:120,h:600,t:479%7D,%7Bpiv:0,vs:o,r:l,t:610%7D,%7Bpiv:100,vs:i,r:,t:762%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1018,o:762,n:610,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:479,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B158~1,0~0%5D,as:%5B158~120.600%5D%7D%7D,%7Bsl:o,t:610,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B152~0%5D,as:%5B152~120.600%5D%7D%7D,%7Bsl:i,t:762,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1018~100%5D,as:%5B1018~120.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:222,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C163%7C1641%7C171%7C181%7C1821%7C191%7C1a.10933%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1a6%7C1a7%7C1b*.10933%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1f2%7C1f3%7C1g1%7C1g2%7C1g3%7C1g4,idMap:1b.771792ce-fbaf-ed31-f743-f9726433c57d.119_847999-57777460%7C1b*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame 368A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BusUKVNq6YfXEKt-a9u8PsdeDkA0AAAAAOAHgBAI&bg=!VFelVxPNAAZKWFskSlg7ACkAdvg8WqI9zxHtmG9qwrx1M_YjDUBJaTMwnP6jpXqcb7QnZDSP-n8pGAIAAAJbUgAAAERoAQeZAwy_jzlSSQfuUlf72rLPp_r7vCks7CBIlG7K7P4D-2OlJ8ZXIR8MCUMQVdEP8z4CPYjloSY8_5jd46pk0qWGJ3SO8u0hLc8JDghByVmkymZMnpXCZeL0g8Cr365KO-JejDQdnXRcSI-NFlBZZSgxohRKb5Y9ikh2L-n7fZgstmz-Y8jHZQPPkDWS5ZYEdNgLv3UqZU2RuvA4XTbeIXFBb78eFMPMEb58uxI1-JhXdV8T-bW8OqlvMaLTLM9MyeneF40w-dr1tUliH9clqyX9ZUUsMoICC9GdUZvEW9GLZcIUlbxybMd5ykrFczwoR3svwHQq28aCsGIX1wnJOTpS7d6LAAq5SZdCLY1vm6lqeOVbdtU9zhrkGn6mEgqu3b7uMuitSmu435WRzJ07KaEV7CCbpO5tb0QCN0hHR0gy8u-iZf29HqAo7yCWdxGB15-dtoit5GSkQH_IGEG5uUCsnICLfGvxqRIHOcBmT2gZyYg62WF030-fxMbhNggDBhOTTROzzkyHkSwtpIvzhlO8Rqxdd0paMn3sYlY28L1MXNqDYIvipbZuQYmeIAuGCZ5S72zfO-lwUffe76WNEntjJonWb1gF1NqcojmtzXmnfSLvjnzCyQSSrIKSwmT3ps7HgNK1CTd3LA7BMQsijaIE-n_EDQ3kO36xxbdoFoNXWp56aPFDEuEgO4ULKdfnRgvXVOLO5qlOvrwByAJxMzKZHSijlQMYLMQZqba6WYLEN9RfRfBBDDybebaU63cNdj8cK0BWY5h0xV3wZBh-IeoDx91WXLrOOvvGzC3VU32_YE_EwOITXy7s_5xqzCuNiMByFEq3Y9FtFs8aDyNs6sbjw6Ug0-SLIQzrP11sXXVP5ElhpLWv9rmEdB5T-yM3Laslcih5sLbEIHXP0aFd7g3ckEneQp3YBpzO0QS8EKQoY2OghHW7s7HU0ExBBNk5lnGnU9Ln_O0SEPOKw3btZFFVICv6y_Q5K27RwWWZI4ex9DGBCFpmjQ6vHswlTafwgANy-hxNyFE3X0EOtbwgndw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 446C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPlHhVNq6YYrIKpmS7_UPwfy_qAwAAAAAOAHgBAI&bg=!dnWldTHNAAZKWFskSlg7ACkAdvg8WiRLsG_Ta_mt3MC6DGA0FXm-eZFnztdmWk5Z1wRuOTeHxfetgwIAAAJMUgAAADJoAQeZAwF2jsp9vcYsOUNAqluIWbAo_DAuxZgBeY-Tn7Xkr7XZ5dzQfnJGNRUcq1_hr3ln5uJMRqQq8BhH1X-sVUbldc1MWXfgoDaX3Pov2V3wnUoKD_Pr_AU3pCiEbNNjBvHZwz-4oc-nVOhnc4y-OFTmqFHrjhIkh80Ozy5fRchZEmP94oFqt6gS-MALBBYQwINJU4am4kkEaMsT_tV6OrGxqYuxTZPjsGr3XN6wBSYZrCUHN9Wfua1G_YsKoKzzHIZHMujNkDqNmvodqMQpWRAEmAbQt7GIEfaTmrHRuCFS3qVIWe7KLCA-i2C7EWH52HvVMsFQBMAc7-rE0kPfo3POwn-IrXFfmNRJXEk_o_KdlJ8dbU3mv3_6yZfqu0ETLrR8qIdE-SotX9JsvR0brUNj4e4siLo-jWGK0326ZH_fl6NdEgrTHPEqXd8huT0R2qZil6xiXYCImC4KScXDVAK3Tx0V45PbkTBIse8slqFhMVl16aOXMc2X1UTkbzOGrBt9shVh1jDph_xKGiFpT5tDlWKxsTAQtz_OvkAqAYErPf1nMGJh4fz0CTsWI3NpucgqEWsjE2_Z6mZvJQGqqj1YaL3UdDcMTGoKxABzTm7T1u8NTxkVSfRxiIvs2SsydXvF9BiLxMZahX5GpI2u1E5bTwtB3t5csvCK6-X03Nw-CtEHFT-2RwBEHiA-jbby8jRO0tXnDuDAcsVoyIUQ_54FWImm2FGHeRynV9LBqtUTSMOg-SumbW2IhzuaE9rHhIAWfvBjDHe8WivhmQWofD_b9woSD2aibNANweGDWZ8w5t8Dr_fN-HQllsXZijHkDPxIKEOTaHpfoPqkDwIiSuE9kzLqqsu_1wQgFmx8xCeJ_lo4nyy_pcSNyRIBY73AR6uczntbLXJLr654exB38h7vJ-4oPx-oOjBYPLNW0itmdGS0Xdqbo7BstjwS6d9PNmz9gw8i--QDapIeEkV6TjHKzCtpHU2e3fYPMVV_QiJ_VsC8lRFAJn8g6DDrwnRrj9i8Uvxc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FC7A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByXRFVNq6YeGnK_eCx_AP2e6C2A0AAAAAOAHgBAI&bg=!6Oul66_NAAZKWFskSlg7ACkAdvg8WuGJ8JOkxQtYD8SyQQ_yCDHlGS-V2aykY-OrUAPKUec8eGI-oAIAAAI8UgAAADJoAQcKAC3VHKmo37Sngi43zY2V0jULCNQQc8avEwtZFlHhq5vDWCUrQxcsMvs64-omfNyZAv3pniQ3q1KAQXYTQmY87nTenhMdM7NjWw748p7TzJhxkDP7UQHY9W8j-V_Eah-0gjpS7vOgeSKOftVm-egrgJ_RYhWh_ywUJ5HqTYNoNNrZ-FN2fVOCjk-Pt1cbl-et7PSr17egNQDFnew9-ceR1b8LS62QaanIBUyscRCtpyh8aLtxCxfVrfptrrAACoMeOWhg_Jcl7WSneJIE2a3V98Yx9SobVHxBIOs6ZH3EzIXeF7koj5ai8o755Dzsz0aGVajZA_pInQs-hhTlGaol3Sb8H9SVxmX2Xim7R4eSQpW7p859HApBSp8_TFBlclknN88k_k8Loyztdg2oNhjY7y_BmrHXaDZXBxh3_dSLZeEuESnqyZ5yfCz5iaG8aenMbwlgm9OHBo3hZMEZn3N3xOBDDa0uOctM65u76J9mJxzX0qpLSlf8UohUZXqPw73oShm4pqhHTLxDd2u8O9qHMdMNYrvTwRJYcRkJYY9DDdA6orY-O4uRL2Upe9JudzhP7DdoaHqTNgDH3byDzzr6lY_s9tld5kcoKn996kOI_1jW36MKe6MkloedYZUS09woixpUEF_ynIq_Dg-_YIzd6T6_dFsZAYAcAMgn3U8cB6TSM6r3DgFTke4mQVarjl-nqFxqmM5dP_mCps1TdKYRdDSZkKrCuDsK_ZJpkkE8UjnfQFTlT9ur4EGKbpJZHYm2ZWTj_W1eF5wVTCFYdzFkFnPq7QN-tzeiYZFhUmRoNSNgvW9HqF-lPh7Ayth_Jb_tZJOD4C2CabMBl-GNEFnlYd9GrK-5wI9jTkS4k1D91zpoveSEMG8CYLZ-g3GD0HiKnIUQ-vLt90dK_pmLAXghznSnrM6E5QHA8ZXsqa4HsercYm5TZ_2guqmMakWEfMPS0B8mF6BpstiRJck-OwReIFPTgeLQrVCJmDOsrDUlijhpPHF6_68xCURQcflGjZ9ojNyaSybLg-Tjr7C7WRph0EP6i4dRevt2calk0FngWgYXb5wqaHxgLHWOXeqmtSI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CDDE 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=164518
expires
Sat, 18 Dec 2021 04:01:00 GMT
date
Thu, 16 Dec 2021 06:19:02 GMT
vary
Accept-Encoding
gen_204
pagead2.googlesyndication.com/pagead/ Frame D784 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BISKbVNq6YfjGKoDH7_UPgLyOuAQAAAAAOAHgBAI&bg=!JiWlJWHNAAZKWFskSlg7ACkAdvg8Wi0WEi1toethbI5RU6xMl8woIX3yfactr5iDLRfwd-FjEfjSqwIAAAHxUgAAAENoAQcKAHIP0gAxL0FnGIfkdG9xnH6Y_YUMhChrIRrL9oyztDOQxzEd8zksdqtqzAqdjz_884lSweip0INuQUQdejVzn2UkXkii6mtBmX0c87AB5T29JeduxxO8dSNSA_qCFzmI8nAI5QeSq-IvMX0FMK4mZ42kWHaZAwTs4M8LQSfU2hvVV7bdl7_g0zbs8kvn7m-W4WUJQxTT0SKjWnDpLw-qRsEBLsyjv_WVr8fzejC_33J_29eqy0AdO9vP-d56tSl7-KHBJyBbju0-rfQJlcZBZn5SLsBvpkcIBOapiqcg_o_whzERT29p_MrvS515uB1hJhK_02uZjGJJBOd6VwqlXaVJOzTloOf7zOqEceHRlLqCTyXuxTXfZKmEjOC35EolzwrgwcYDTIqXAwvOnvIe8NiqZ8jrqW4LoqsEcIBtU2_ddgSphX5qPsihRQSKvMSA_xknMx3jPIU0Bjkg0fgX9N63u43VmYv3S2YADwmBxuY7QPQgzYLsxTM-0NzZBNzNX0lZxYTSjEMiNXiyQpB3DUUi16Sh20N5HgvkS80gCOUu_DpC3EaY0Z5zKRkXxvv4A4pwppfC9BV95vuDkRrBIml4-efVqm5rt90kNZCve2xWFu8UsbffoHxe-t_D_0t3xmA3RhvdAkaVukxwFP5X443a4eSZSWgsocZTHvVhKIxriFSQQJWerf9Zzm-HIMi-KpelOTXlWtH7odwWWqvHLQMpdjulMumdWnF9d0NSWVXFFRs_YsXdF16SNNbJCZHL64zw0-py_ehlTwXwII8hSBTCDxQZICZsXVaKfC7P6Z9MzfWTh5Zsh94SZkLGj67c6fAM3z3PZG4u2_Y4K7E54j6vRvZIT8QgjxCEAkVUef_HKYotZWAFoQZodRXZ25aRh3xAWHpqXvv6lYPMZGd6vyik_-Uozf_z3JWkU0gMExCrRJDKwfuNWUhqH2WnsFI7IQ5IyaG4K4IdnhS1ShxX8ibTiqe0DBeGt9sYv-W8mM6_x-7yrPZ88tHlPiIh1u0vs4nKmTvr952OJ_bYwuBB91OkdgxfwcDdXLbVmNXNQdoTjUI1R1SdaVNMXoMUKZ79hWvYS1ml58YLo4fvJzTjIYGX4TVW5DK4DuQ7W_SDAAIHPHH4WEI7tdMDGANyYA4XNrssuoG073nlHS5vCaF2fTR9xHkYQTc5GyLg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
adrta.com/ Frame 306D 		15 B
200 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adrta.com/i?cb=84522767&__aasv=22.91&__aaii=7911890002315598635&__aait=1639635540997&__aasi=12993978504494247190&__aast=1639635540632&__aavi=5402309903103273467&__aavt=1639635540632&__aavz=0&__aaib=1&__aaai=1&__aaaa=1&__aafl=1200&__aaaf=1&__aaag=1&__aahd=%7B%22chrome%22%3A1%7D&__aarf=3&__aart=2&__aacd=1&__aaax=1035&__aaay=551&__aasz=300x600&__aapf=1&__aaec=4&__aaup=2&__aaat=500&__aaae=1&__aaav=1&__aaas=1107&__aaah=0&__aapc=500&__aaph=7157&__aapw=1600&__aap1=0.838&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=1639635537359&__aaxf=89.238.142.214%2C%2010.1.1.64&__aas21=2001%3Aac8%3A21%3A23%3A2da%3A%3A1&__aas23=2001%3Aac8%3A21%3A23%3A2da%3A%3A1%2C%2010.2.3.39&__aaci=ss&paid=ss&avid=112053&caid=1895699&publisherId=3727&kv5=&plid=5525409&segment=3288&kv4=89.238.142.0&kv14=&kv1=300x600&siteId=363584&kv7=64&kv15=UNKNOWN&kv16=&kv17=&kv18=&kv24=WEB&kv22=&kv11=61bada51e73535c003580040&kv3=&kv55=1.0,1!smartadserver.com,3727,1!centro.net,64,1&kv27=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.93+Safari%2F537.36&kv2=https%3A%2F%2Fnationalgeographic.grid.id%2F&__aapu=https%3A%2F%2Fnationalgeographic.grid.id%2F&__aapr=&__aatu=https%3A%2F%2Fnationalgeographic.grid.id
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.27.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-27-65.compute-1.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
cache-control
no-cache
server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-type
text/javascript;charset=ISO-8859-1
content-length
15
expires
Thu, 01 Jan 1970 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame CDDE 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=95366042&p=158361&s=845643&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d584bd3ca71da1da19953f5a7cde43436718d59b40dc304f34faec4ad5a1b58d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:02 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=1978616448361754&bg=!Z2SlZCDNAAZKWFskSlg7ACkAdvg8WgbMPLsV_-Yp0YGGvLhnbLURAYZM7aFRM82l9I79t3_hAcmWZgIAAAHBUgAAADpoAQcKAI1QqxIGks3fwxFXtwGXKBMqzeN9HLoRW1KN0NKmvC1DeDLQYq0kp9XVva0FtnRpEDKI118M8iqs_qNbLSidvsD7LxGNfKWb-4tD5S0SQRfHBc1qiPu4SSlsbXMUbIeLN4KXnBAZ-yZZy0tRB_Op2XtOXTQP1xyyJaKg46Nvl173ePSLaaI3cejd8F7LoPGZAsMB-MclI3mwNZEl9Imz_5tLdAfbTaI0AVEVTphB7ovH3qlknL-yrm1tCqNlC5AWeLEwJxP859RbHV1sdhW-vPdjOWpeNT1VW4iESEujUZ8GV1Gh2SGfiz5qUFOlXO77Jq3YYCkD08e45Nu3iATqv2tMTlREZKWzvmQsw5suFy5k9ORx9YPeK90KSVaJHMTkVWybSfB29RjxiOtYGF4Z_WV4SfPdmTuR_0Bp6_YHrmgDX6aMLHA7a95pfQz1uTumGk-PrrxJ2StgCLLLuGTzN2x_iPBdxqlSp97SQcbNYfR4tL9HWJZCYCBtu7al8j7T4jV2D4Zffjj0w0_Pjk8CbTtltpub2YW0185dQgCkt6z2Hr7I8B_4KSAnmG8lQXCrI-NCz-kfajzANmG7Qgw2NHOm2s8i4bdCXUiAhxLJ628o-52ZwAVE7NlAtqg6VE94qJjtrk7TRQHQWVhH0iJQJVmKkNkAzr1Ui04IXkoTUVYProv47ZQsm438HMKRpIY__9b4PGe83xiW2TezZdDHYUI1KabznOX8Se8CW4ju9LgxU8umZWemHKWRxJCAmKZlL8KHczZUapXowo0wx5_idgONmMM94z9IGMMarRmfCeYxiO5kF_8zLCY3Tw4NGkEO9eyB6kZ2t6ULBK0eeTK9dzk6W84hAG5dBCo7mY8T3nAP0qrL1gxA9F-69gKe6_Twu1kd4I5_FBMlOe7BCkDYzJdIMGcQxBinld1ntQh2OET8KNKb4qQ0kS_9G5divZPFbw6CY9Y3AuJzY9W2NSgaCPX7QC2-nhu09GImxgb7QyB04504bz2RDrnCIMhFMPww5ZEpVcp7ikMpHhaSjwLc8boNTH6OGrt6I5RalXeToq3nfXVxM7xKewFpd6rWWQndbAkLc1vA7DluyCA8c6KOQtZ2EkIQyCwBh1YSEbjb8D37XJ_L7Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://nationalgeographic.grid.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 3FBB 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=1674DB44-51B5-40B5-ADB5-298DA410B8B2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 16 Dec 2021 06:19:03 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 2A34
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4346793115810061751
42 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4346793115810061751
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 16 Dec 2021 06:19:01 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug008:0:411
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4346793115810061751
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 1089
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
111 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 16 Dec 2021 06:19:03 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug008:0:459
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Thu, 16 Dec 2021 06:19:02 GMT
server
Kestrel
content-length
0
cache-control
no-cache
pragma
no-cache
expires
Thu, 16 Dec 2021 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1425303
Pug
simage2.pubmatic.com/AdServer/ Frame B495
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7042181034545707158
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7042181034545707158
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 16 Dec 2021 06:19:03 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug017:0:491
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Thu, 16 Dec 2021 06:19:03 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7042181034545707158
Pug
simage2.pubmatic.com/AdServer/ Frame D57E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbraUQAMUrEKcABR&gdpr=0&gdpr_consent=
1 B
547 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbraUQAMUrEKcABR&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 16 Dec 2021 06:19:03 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
lhrpug001:0:475
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbraUQAMUrEKcABR&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Thu, 16 Dec 2021 06:19:03 GMT
via
1.1 varnish
x-served-by
cache-lcy19271-LCY
x-cache
HIT
x-cache-hits
0
x-timer
S1639635543.041660,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
adx
match.prod.bidr.io/cookie-sync/ Frame 177E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFLOXJVN0RkYlVBQUQzemw5U0EzQQ&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.214.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-214-209.compute-1.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Thu, 16 Dec 2021 06:19:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Thu, 16 Dec 2021 06:19:03 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
361
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Pug
simage2.pubmatic.com/AdServer/ Frame 745D
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
89 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 16 Dec 2021 06:19:03 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug004:2:374
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Thu, 16 Dec 2021 06:19:03 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame CD93
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xTK2X_59TvxKS8CzJN1xSVnujtY
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xTK2X_59TvxKS8CzJN1xSVnujtY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 16 Dec 2021 06:19:03 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug024:0:433
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Thu, 16 Dec 2021 06:19:03 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xTK2X_59TvxKS8CzJN1xSVnujtY
Content-Length
159
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame F8F2
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4461630230
  • https://sync.1rx.io/usersync/tradedesk/d65b1dce-9306-45da-b9ff-f23cc479c3b4
  • https://sync.targeting.unrulymedia.com/csync/RX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003
42 B
227 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 16 Dec 2021 06:19:03 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug001:0:494
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Thu, 16 Dec 2021 06:19:03 GMT
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003
etag
RXc003b1e5b49b4b46a33b35415e0e2a2a003
Pug
image2.pubmatic.com/AdServer/ Frame 3CC8
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=y2eyBciv6Ua44GKnm1vvX_Xb
42 B
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=y2eyBciv6Ua44GKnm1vvX_Xb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 16 Dec 2021 06:19:01 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug019:0:480
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Thu, 16 Dec 2021 06:19:03 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=y2eyBciv6Ua44GKnm1vvX_Xb
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame BE88 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Thu, 16 Dec 2021 06:19:03 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-9
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
dpe
ad4m.at/ad/ Frame 1ECF 		15 B
915 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c0af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 16 Dec 2021 06:19:03 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6be5cc413f1b59cb-MXP
cookiesync
core.iprom.net/ Frame E0EE 		43 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Vary
Accept-Encoding
X-adserver-worker
ragnarok-29098e4fed78@version_1.364v2
Connection
close
X-server-arch
v2
Content-Type
image/gif
Content-Length
43
X-core-time
1ms
Date
Thu, 16 Dec 2021 06:19:03 GMT
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame EE9A
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8293686b-9802-4147-88ea-c5c74bc8bc44-tuct8b45fd7&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
149 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8293686b-9802-4147-88ea-c5c74bc8bc44-tuct8b45fd7&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 16 Dec 2021 06:19:03 GMT
via
1.1 varnish
x-served-by
cache-lcy19249-LCY
x-cache
MISS
x-cache-hits
0
x-timer
S1639635543.366664,VS0,VE8
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8293686b-9802-4147-88ea-c5c74bc8bc44-tuct8b45fd7&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Thu, 16 Dec 2021 06:19:03 GMT
via
1.1 varnish
x-served-by
cache-mxp6942-MXP
x-cache
MISS
x-cache-hits
0
x-timer
S1639635543.198979,VS0,VE24
x-vcl-time-ms
24
content-length
0
i.match
s.tribalfusion.com/z/ Frame 49A8
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 16 Dec 2021 06:19:03 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6be5cc42fe94e8ff-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Thu, 16 Dec 2021 06:19:03 GMT
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
115
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6be5cc413d6fe8ff-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
141
match.deepintent.com/usersync/ Frame 730E 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Thu, 16 Dec 2021 06:19:03 GMT
server
a
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CDDE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FnTbRFG1QLWttSmNpBC4sg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:03 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=164517
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sat, 18 Dec 2021 04:01:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame CDDE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8b9961ba-da51-4200-bbc2-6ac8666197be
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8b9961ba-da51-4200-bbc2-6ac8666197be
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 16 Dec 2021 06:19:03 GMT
Server
MT3 4133 baa842e master cdg-pixel-x12 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8b9961ba-da51-4200-bbc2-6ac8666197be
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 16 Dec 2021 06:19:02 GMT
/
pixel.onaudience.com/ Frame CDDE
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=1674DB44-51B5-40B5-ADB5-298DA410B8B2
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=72fb2970f6fd3e65492c908abba3cd71
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=72fb2970f6fd3e65492c908abba3cd71
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
HTTP/1.1
Server
51.210.112.63 , France, ASN16276 (OVH, FR),
Reverse DNS
pikafka-3.cloudy.ovh
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Thu, 16 Dec 2021 06:19:03 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=72fb2970f6fd3e65492c908abba3cd71
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
pubmatic
um.simpli.fi/ Frame CDDE 		43 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:03 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 15 Dec 2021 06:19:03 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CDDE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8b9961ba-da51-4200-bbc2-6ac8666197be&gdpr=0&gdpr_consent=
42 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8b9961ba-da51-4200-bbc2-6ac8666197be&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:563
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 16 Dec 2021 06:19:03 GMT
Server
MT3 4133 baa842e master cdg-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8b9961ba-da51-4200-bbc2-6ac8666197be&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 16 Dec 2021 06:19:02 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CDDE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d65b1dce-9306-45da-b9ff-f23cc479c3b4
42 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d65b1dce-9306-45da-b9ff-f23cc479c3b4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:539
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d65b1dce-9306-45da-b9ff-f23cc479c3b4
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame CDDE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1987437709068271678
42 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1987437709068271678
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:506
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:03 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1987437709068271678
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame CDDE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4113036491349184853&gdpr=0&gdpr_consent=
42 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4113036491349184853&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:02 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:407
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:19:03 GMT
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
55eee6da-58ed-4c36-9a15-a0582ab54ba4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4113036491349184853&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame CDDE
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=u4KOgenS2dGggIjWu4fBgbzQidKghdSB74LbQ3sA
42 B
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=u4KOgenS2dGggIjWu4fBgbzQidKghdSB74LbQ3sA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:02 GMT
cache-control
no-store, no-cache, private
x-lat
amspug016:0:466
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=u4KOgenS2dGggIjWu4fBgbzQidKghdSB74LbQ3sA
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame CDDE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1674DB44-51B5-40B5-ADB5-298DA410B8B2&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KezUJBFE2uWr_58Fx.qidbJ8kHau51I-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KezUJBFE2uWr_58Fx.qidbJ8kHau51I-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KezUJBFE2uWr_58Fx.qidbJ8kHau51I-~A&gdpr=0&gdpr_consent=
date
Thu, 16 Dec 2021 06:19:03 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
1674DB44-51B5-40B5-ADB5-298DA410B8B2
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame CDDE 		43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/1674DB44-51B5-40B5-ADB5-298DA410B8B2?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:f9a2:1d20:7db2:a370 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:03 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame CDDE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329519890533415&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=79fba116-33cd-498d-8801-7d13cb7e5d83&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=79fba116-33cd-498d-8801-7d13cb7e5d83&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:523
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=79fba116-33cd-498d-8801-7d13cb7e5d83&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 16 Dec 2021 06:19:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame CDDE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2514676855308932642&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2514676855308932642&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:382
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2514676855308932642&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame CDDE 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=1674DB44-51B5-40B5-ADB5-298DA410B8B2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:03 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame CDDE
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:01 GMT
cache-control
no-store, no-cache, private
x-lat
amspug010:0:485
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:02 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CDDE
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:11485d30-ed07-4b10-a3e1-19182aa35e93&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:11485d30-ed07-4b10-a3e1-19182aa35e93&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:490
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:11485d30-ed07-4b10-a3e1-19182aa35e93&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 16 Dec 2021 06:19:03 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame CDDE
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4113036491349184853
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4113036491349184853
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:297
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 06:19:03 GMT
X-Proxy-Origin
89.238.142.214; 89.238.142.214; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0e1264fc-6261-443d-b677-ad361c74fb34
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4113036491349184853
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame CDDE 		35 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.68.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-68-42.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:03 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
dt
dt.adsafeprotected.com/ Frame A363 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=847999&asId=21cb7ad4-e139-178b-bb70-42f64639faa3&tv=%7Bc:wWcRsG,pingTime:1,time:2957,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:120,h:600,t:34%7D,%7Bpiv:100,vs:i,r:,t:1948%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1009,o:1948,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1939~0,0~100%5D,as:%5B1939~120.600%5D%7D%7D,%7Bsl:i,t:1948,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1008~100%5D,as:%5B1008~120.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:377,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C171%7C181%7C191%7C1a*.847999-57777490%7C1a1%7C1b.847999-57777460%7C1b1%7C1c1%7C1c2%7C1c3%7C1d11%7C1e,idMap:1a.572a99ac-20b0-1b31-b2ae-ddce12007fc3.93_10933%7C1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:03 GMT
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame A363 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=847999&asId=21cb7ad4-e139-178b-bb70-42f64639faa3&tv=%7Bc:wWcRsH,pingTime:1,time:2958,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:120,h:600,t:34%7D,%7Bpiv:100,vs:i,r:,t:1948%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1010,o:1948,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1939~0,0~100%5D,as:%5B1939~120.600%5D%7D%7D,%7Bsl:i,t:1948,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1009~100%5D,as:%5B1009~120.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:377,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C171%7C181%7C191%7C1a*.847999-57777490%7C1a1%7C1b.847999-57777460%7C1b1%7C1c1%7C1c2%7C1c3%7C1d11%7C1e,idMap:1a.572a99ac-20b0-1b31-b2ae-ddce12007fc3.93_10933%7C1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:03 GMT
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 1878 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcaTQzHI9pIbvzx1CkFADY6qdFqJ06eMjp4yg5B2LQqrVYnvmslrKVCV_nGG-_pKXQ844E8Skim7MuuIihnwwIFV9ltqP3&sig=Cg0ArKJSzMZSWlHX4XpMEAE&id=lidar2&mcvt=1001&p=0,0,600,120&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=943508953&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639635540071&rpt=2503&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame A363 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=572a99ac-20b0-1b31-b2ae-ddce12007fc3&tv=%7Bc:wWcRwg,pingTime:-10,time:2497,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1639635541397%7C%7C1126110a82113229412c044453873b3b%7C%7Ca2fdad25d911a8a4b39828759d282361%7C%7C4842ffd038a262dc54a35f1ae8b7b3a6%7C%7C31335c88478c0b9ed28d0f1cee1c9ed3%7C%7Cbe633ee808a8ec7c3f3aee8487369bbc%7C%7Cfe5b338465bfae44c2e54e2063f04854%7C%7Cb30e0650da36596a646df1950953919b%7C%7C1629390669,sca:%7Bspg:21cb7ad4-e139-178b-bb70-42f64639faa3%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:03 GMT
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
SPug
simage4.pubmatic.com/AdServer/ Frame CDDE 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158361&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=158361&s=845643&predirect=&userIdMacro=&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 06:19:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ Frame 1878 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=847999&asId=771792ce-fbaf-ed31-f743-f9726433c57d&tv=%7Bc:wWcShq,pingTime:5,time:5849,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:120,h:600,t:33%7D,%7Bpiv:100,vs:i,r:,t:822%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5027,o:822,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B814~0%5D,as:%5B814~120.600%5D%7D%7D,%7Bsl:i,t:822,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5027~100%5D,as:%5B5027~120.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:298,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C171%7C181%7C191%7C1a.847999-57777490%7C1a1%7C1a2%7C1a3%7C1b*.847999-57777460%7C1b1%7C1b2%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1g1,idMap:1b.38080026-4eb7-277c-d0cd-03e33d544e64.121_10933%7C1b*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:06 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 1878 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=847999&asId=771792ce-fbaf-ed31-f743-f9726433c57d&tv=%7Bc:wWcShq,pingTime:5,time:5849,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:120,h:600,t:33%7D,%7Bpiv:100,vs:i,r:,t:822%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5028,o:822,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B814~0%5D,as:%5B814~120.600%5D%7D%7D,%7Bsl:i,t:822,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5028~100%5D,as:%5B5028~120.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:298,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C171%7C181%7C191%7C1a.847999-57777490%7C1a1%7C1a2%7C1a3%7C1b*.847999-57777460%7C1b1%7C1b2%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1g1,idMap:1b.38080026-4eb7-277c-d0cd-03e33d544e64.121_10933%7C1b*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:06 GMT
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame A363 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=572a99ac-20b0-1b31-b2ae-ddce12007fc3&tv=%7Bc:wWcSkF,pingTime:5,time:5623,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:120,h:600,t:524%7D,%7Bpiv:100,vs:i,t:613%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5623,o:0,n:612,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:523,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B123~1%5D,as:%5B123~120.600%5D%7D%7D,%7Bsl:i,t:612,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5010~100%5D,as:%5B5010~120.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:184,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C163%7C1641%7C171%7C181%7C1821%7C191%7C1a*.10933%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1a6%7C1b.10933%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1f2%7C1g1%7C1g2%7C1g3,idMap:1a.21cb7ad4-e139-178b-bb70-42f64639faa3.101_847999-57777490%7C1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:06 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 1878 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=38080026-4eb7-277c-d0cd-03e33d544e64&tv=%7Bc:wWcSq8,pingTime:5,time:5764,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:120,h:600,t:479%7D,%7Bpiv:0,vs:o,r:l,t:610%7D,%7Bpiv:100,vs:i,r:,t:762%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5002,o:762,n:610,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:479,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B158~1,0~0%5D,as:%5B158~120.600%5D%7D%7D,%7Bsl:o,t:610,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B152~0%5D,as:%5B152~120.600%5D%7D%7D,%7Bsl:i,t:762,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~120.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:201,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C162%7C163%7C1641%7C171%7C181%7C1821%7C191%7C1a.10933%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1a6%7C1a7%7C1b*.10933%7C1b1%7C1b21%7C1b3%7C1b4%7C1b5%7C1b6%7C1c1%7C1c2%7C1c3%7C1d11%7C1e%7C1f1%7C1f2%7C1f3%7C1g1%7C1g2%7C1g3%7C1g4,idMap:1b.771792ce-fbaf-ed31-f743-f9726433c57d.119_847999-57777460%7C1b*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:06 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame A363 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=847999&asId=21cb7ad4-e139-178b-bb70-42f64639faa3&tv=%7Bc:wWcSv4,pingTime:5,time:6949,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:120,h:600,t:34%7D,%7Bpiv:100,vs:i,r:,t:1948%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:1948,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1939~0,0~100%5D,as:%5B1939~120.600%5D%7D%7D,%7Bsl:i,t:1948,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~120.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:186,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C171%7C181%7C191%7C1a*.847999-57777490%7C1a1%7C1b.847999-57777460%7C1b1%7C1c1%7C1c2%7C1c3%7C1d11%7C1e,idMap:1a.572a99ac-20b0-1b31-b2ae-ddce12007fc3.93_10933%7C1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:07 GMT
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame A363 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=847999&asId=21cb7ad4-e139-178b-bb70-42f64639faa3&tv=%7Bc:wWcSv5,pingTime:5,time:6950,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:120,h:600,t:34%7D,%7Bpiv:100,vs:i,r:,t:1948%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5002,o:1948,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1939~0,0~100%5D,as:%5B1939~120.600%5D%7D%7D,%7Bsl:i,t:1948,wc:0.0.1600.1200,ac:NaN.NaN.120.600,am:i,cc:NaN.NaN.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~120.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:186,fm:sRJBDfP+11%7C121%7C122%7C123%7C124%7C125%7C126%7C127%7C128%7C129%7C12a%7C12b%7C12c1%7C12d%7C13%7C14%7C15%7C161%7C171%7C181%7C191%7C1a*.847999-57777490%7C1a1%7C1b.847999-57777460%7C1b1%7C1c1%7C1c2%7C1c3%7C1d11%7C1e,idMap:1a.572a99ac-20b0-1b31-b2ae-ddce12007fc3.93_10933%7C1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.57.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-57-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Dec 2021 06:19:07 GMT
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.atdmt.com
URL
https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=26703531;s.a=3213511;p.a=317301178;a.a=509867565;cache=843609538;
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEM855lwBEnqOmdYSuQRCB74&google_cver=1&google_push=AYg5qPL1DOGEDFVApWi5qyuvtldUSO7_LH93VayGrxy8dpoQ5VXcgeS7PwL5E_M2NN6PZDWauiizrlInQ7q8PUfvR4j441aLiDTU
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEM855lwBEnqOmdYSuQRCB74&google_cver=1&google_push=AYg5qPIngu0ctcVq-ufiPenQhzI0ZqH3urYALgReoRz-vZ-D3fBLtmbDEsDMHaK9-u_4eKO_oLS3ya4a9u_IkOcD0cCgETSbJSrV
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| dataLayer object| _jxbidsq object| _jxbidsreportsvcq object| googletag object| pbjs object| jxtrkr object| jixie_o object| jixie_p function| myAdDoneFunction function| SpotXPrebidRegular number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| adUnits object| AdTrack function| sendAdserverRequest object| ggeac object| google_js_reporting_queue number| wScreen_bf object| getCloseBottomFrame object| getDivBottomFrame object| getDivTransparentBf object| getHrefBottomFrame function| showElClose_BottomFrame function| removeEl_BottomFrame object| unruly string| __unrulyPageLoadId function| $ function| jQuery function| lozad string| base_url object| jQuery11240318026555745597 object| core object| __core-js_shared__ object| firebase string| site object| uuid_c object| ukid string| id string| jixie_id string| city string| useragent string| uuid function| setCookie function| getCookie object| Base64 object| script string| curr_url string| full_domain string| domain_login string| domain_name string| service object| ls object| Criteo undefined| google_measure_js_timing string| safe string| keyword_targetting1 string| keyword_targetting2 string| keyword_targetting3 object| google_reactive_ads_global_state object| google_tag_manager object| d object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| _atrk_opts string| dom object| hd object| linkelement object| webpackChunkplayersdk_html5 object| IVS object| teadsscript object| h1 object| h1text function| insertAfter function| filterNone function| getAllComments function| walkDOM function| fetchRelated function| buildView function| doAddFallback object| gaplugins object| gaGlobal object| gaData object| criteo_pubtag object| criteo_pubtag_standalone_116 object| Criteo_standalone_116 function| atrk boolean| _atrk_fired function| bugsnag object| default_gsi object| google object| __G_ID_CLIENT__ object| closure_lm_290649 object| teads function| pbjsChunk object| _pbjsGlobals object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| Criteo_prebid_105 object| ampInaboxIframes object| ampInaboxPendingMessages number| timeout function| removeLastHighlight object| GoogleGcLKhOms object| goog_ddm_ps object| PubMaticSync object| google_image_requests

111 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgkIOhDfvpOP3C8=
.scorecardresearch.com/ Name: UID
Value: 1OJFHS3OU24MTCZUVCVC5Wg1639635536
.grid.id/ Name: _gid
Value: GA1.2.1899568611.1639635537
.adnxs.com/ Name: icu
Value: ChgIjspkEAoYASABKAEw0LTrjQY4AUABSAEQ0LTrjQYYAA..
.grid.id/ Name: _dc_gtm_UA-19394023-9
Value: 1
.grid.id/ Name: _ga_JL4WNPXLQ8
Value: GS1.1.1639635536.1.0.1639635536.60
.grid.id/ Name: _ga
Value: GA1.1.1543323936.1639635537
.grid.id/ Name: _ga_DEHFJ8M3W4
Value: GS1.1.1639635536.1.0.1639635536.60
.adnxs.com/ Name: uuid2
Value: 4113036491349184853
.grid.id/ Name: __asc
Value: 3d796c4e17dc1e4cc8f109c5de1
.grid.id/ Name: __auc
Value: 3d796c4e17dc1e4cc8f109c5de1
.trabd.jixie.io/ Name: TiPMix
Value: 89.8143850219503
.trabd.jixie.io/ Name: x-ms-routing-name
Value: self
.traid.jixie.io/ Name: TiPMix
Value: 21.9787129303341
.traid.jixie.io/ Name: x-ms-routing-name
Value: self
.jixie.io/ Name: client_id
Value: 0cfab820-5e38-11ec-a1dd-79ae7a451fe8
.jixie.io/ Name: sid
Value: 1639635537-0cfab820-5e38-11ec-a1dd-79ae7a451fe8
nationalgeographic.grid.id/ Name: _jx
Value: 0cfab820-5e38-11ec-a1dd-79ae7a451fe8
.grid.id/ Name: _jx
Value: 0cfab820-5e38-11ec-a1dd-79ae7a451fe8
nationalgeographic.grid.id/ Name: _jxs
Value: 1639635537-0cfab820-5e38-11ec-a1dd-79ae7a451fe8
.grid.id/ Name: _jxs
Value: 1639635537-0cfab820-5e38-11ec-a1dd-79ae7a451fe8
.adsrvr.org/ Name: TDID
Value: d65b1dce-9306-45da-b9ff-f23cc479c3b4
.ctnsnet.com/ Name: cid_ff925d1dc5ff493ca6f3bcbe6c902b97
Value: 1
.quantserve.com/ Name: mc
Value: 61bada51-3d664-a1ce2-68ab1
.mathtag.com/ Name: uuid
Value: 8b9961ba-da51-4200-bbc2-6ac8666197be
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YbraUQAMUrEKcABR
.doubleclick.net/ Name: IDE
Value: AHWqTUlJqOcyA9q_i24pr58Xn_aLy-o4H63Zlso5me7VzfhqJiXvp2H-RxmdOJmEsms
.casalemedia.com/ Name: CMID
Value: YbraUc4Zw-BxkkkwsWXfVgAA
.casalemedia.com/ Name: CMPS
Value: 699
.casalemedia.com/ Name: CMPRO
Value: 340
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 2107bc637b68967e
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-c532b65f-fe7d-4efc-4a4b-c0b324dd7149.3L5yrM1FW%2BU65xceKsacJA3aDldpAXZ7uGSTjKzJkzs
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-c532b65f-fe7d-4efc-4a4b-c0b324dd7149%24ip%2489.238.142.214.Tpu8TEy9xaaTpoZR%2F9r6Kca23dL00P537YhwHiLx%2F%2Fo
.bidr.io/ Name: bito
Value: AAK9rU7DdbUAAD3zl9SA3A
.bidr.io/ Name: bitoIsSecure
Value: ok
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003%22%7D
.hb.jixie.io/ Name: TiPMix
Value: 65.4208369392067
.hb.jixie.io/ Name: x-ms-routing-name
Value: self
.bidswitch.net/ Name: tuuid
Value: 79fba116-33cd-498d-8801-7d13cb7e5d83
.bidswitch.net/ Name: c
Value: 1639635538
.bidswitch.net/ Name: tuuid_lu
Value: 1639635538
.innity.com/ Name: iGEO
Value: GB%7E
.innity.com/ Name: iUUID
Value: 3626a2d98a695b9019a0385c55bb446d
.c.appier.net/ Name: _auid
Value: QOtVAaePDl2K6bXhUtq6YQ
event.clientgear.com/ Name: mkuuid
Value: mk281ee156-c7f2-42d7-8fa2-08e622c08a03
.eqads.com/ Name: EQUser
Value: UID=bf3b91d9-8772-4131-a0f6-48afdc2db9a5
.grid.id/ Name: __gads
Value: ID=1800d963106501d0:T=1639635538:S=ALNI_Mbm8SWz9Mmz2oggR4q4MlqDRvCCIQ
.criteo.com/ Name: uid
Value: af8f0e00-3da9-4e06-b7e6-42cc58fe7e51
.casalemedia.com/ Name: CMST
Value: YbraUWG62lQA
.grid.id/ Name: cto_bundle
Value: P8Rn8l91UFhZaUozRiUyQiUyQjYlMkJaaGQ1NW5vZmZTaDM2YlNCclJKckEybEhVcFV5MWUwVVh6SE16Zmg4cGJRSmZucVBuQlV2Z21veXFXQXclMkZNUnJoT0c4M3BrV0ZjdDJpMm9nQlpZOXN5RSUyQmZrYU5Ualc2T0FmWnNoeSUyQll1SlBpVHNEVXZKV0IzS2NJNXF1SnM1STRvdnBIaFR4ZlElM0QlM0Q
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVIolIh*!]tbPl1M>e)ZlrFUfJ+tGXxoeFXCzAEW$p/Er2gaXm4/0<rzGLb#oVd^G#vN*bpRz*qF1`*b`h^*K8`k
.casalemedia.com/ Name: CMRUM3
Value: 2d61bada542760CAESECvpIp66cqb9r7WwrgBirVc&2961bada5105a0&e661bada512760&f161bada5105a0&be61bada5105a0&c361bada512760av-249f7be6-a92d-40db-bf34-11f5d5722f5c&2761bada510b40&2861bada532760bf3b91d9-8772-4131-a0f6-48afdc2db9a5
.mathtag.com/ Name: mt_mop
Value: 4:1639635540
.360yield.com/ Name: tuuid
Value: ad22cd00-5668-4a06-a17e-5283769205e0
.360yield.com/ Name: tuuid_lu
Value: 1639635540
.de17a.com/ Name: guid2
Value: 1.4346793115810061751
.3lift.com/ Name: tluid
Value: 4062882789094193570
.yahoo.com/ Name: A3
Value: d=AQABBFHaumECEGwdHBhj4CTkCkgk8CYcYDIFEgEBAQErvGHEYQAAAAAA_eMAAA&S=AQAAAhB7G0cnU3pSG7eA6DTxzU0
.adrta.com/ Name: __aavi
Value: 5402309903103273467
.adrta.com/ Name: __aavt
Value: 1639635540632
.adrta.com/ Name: __aasi
Value: 12993978504494247190
.adrta.com/ Name: __aast
Value: 1639635540632
.lijit.com/ Name: ljt_reader
Value: 0a115d9be9495e93aa0ef63a
.simpli.fi/ Name: suid
Value: EC30756037434F9E8694F59FE6223746
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 1674DB44-51B5-40B5-ADB5-298DA410B8B2
.adform.net/ Name: uid
Value: 1987437709068271678
.advertising.com/ Name: APID
Value: UP0f389af9-5e38-11ec-af2f-0ab25698202f
.yahoo.com/ Name: APID
Value: UP0f389af9-5e38-11ec-af2f-0ab25698202f
.yahoo.com/ Name: APIDTS
Value: 1639635541
.bidswitch.net/ Name: google_push
Value: AYg5qPKiFxJxfxC-oIoWhzRPCkv-jfjfkFTR06QnAKGHNnbt8juoNDsEMPEavoqNIEWAyRB6K4wfUbh_k7XBVy97EeDBv5TrpVk
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEAMIkFQJ3Y-FS0eolCGfj8Q&KRTB&16514-CAESEAMIkFQJ3Y-FS0eolCGfj8Q&KRTB&23025-CAESEAMIkFQJ3Y-FS0eolCGfj8Q
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 158361:3
.pubmatic.com/ Name: DPSync3
Value: 1640822400%3A219_201_197%7C1639699200%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1640822400%3A166_189_176_161_99_13_233_231_7_88_204_220_71_165_230_8_81_54_3_222_21_56_22_55_234_238%7C1640908800%3A35%7C1640476800%3A63%7C1640217600%3A223_2_15%7C1642204800%3A203
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4346793115810061751
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4113036491349184853
.quantserve.com/ Name: d
Value: EB0BFQH8JIEO-TCsuZMA
.adfarm1.adition.com/ Name: UserID1
Value: 7042181034545707158
.onaudience.com/ Name: cookie
Value: b21bd7f0fa5cc6e9
.onaudience.com/ Name: done_redirects161
Value: 1
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~2246:18wq~2246:18z8~2246"
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YbraUQAMUrEKcABR&KRTB&22978-YbraUQAMUrEKcABR&KRTB&23194-YbraUQAMUrEKcABR&KRTB&23209-YbraUQAMUrEKcABR
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1987437709068271678&KRTB&23263-1987437709068271678
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:8b9961ba-da51-4200-bbc2-6ac8666197be&KRTB&16736-uid:8b9961ba-da51-4200-bbc2-6ac8666197be&KRTB&23019-uid:8b9961ba-da51-4200-bbc2-6ac8666197be&KRTB&23114-uid:8b9961ba-da51-4200-bbc2-6ac8666197be
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-d65b1dce-9306-45da-b9ff-f23cc479c3b4&KRTB&22918-d65b1dce-9306-45da-b9ff-f23cc479c3b4&KRTB&23031-d65b1dce-9306-45da-b9ff-f23cc479c3b4
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-u4KOgenS2dGggIjWu4fBgbzQidKghdSB74LbQ3sA&KRTB&19420-u4KOgenS2dGggIjWu4fBgbzQidKghdSB74LbQ3sA&KRTB&22979-u4KOgenS2dGggIjWu4fBgbzQidKghdSB74LbQ3sA
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-xTK2X_59TvxKS8CzJN1xSVnujtY
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwj4hevQv5mgOhAFGAEgASgCMgsI7obp_tWZoDoQBTgBWgthZGNvbmR1Y3RvcmAC
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7042181034545707158
.erne.co/ Name: u
Value: y2eyBciv6Ua44GKnm1vvX_Xb
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-y2eyBciv6Ua44GKnm1vvX_Xb
.adsby.bidtheatre.com/ Name: __kuid
Value: 11485d30-ed07-4b10-a3e1-19182aa35e93.408849543
.taboola.com/ Name: t_gid
Value: 8293686b-9802-4147-88ea-c5c74bc8bc44-tuct8b45fd7
.exelator.com/ Name: EE
Value: "72fb2970f6fd3e65492c908abba3cd71"
.turn.com/ Name: uid
Value: 2514676855308932642
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHcKC3JyNLcIM0sLcU41czUxNIo2dLAIjEpKdE4OcXccHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJsSX5RZvoid6fFRSlpDItKik8F73vwCQCOsysy"
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2514676855308932642
.pubmatic.com/ Name: PugT
Value: 1639635543
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17107-RX-c003b1e5-b49b-4b46-a33b-35415e0e2a2a-003
ads.playground.xyz/ Name: connect.sid
Value: s%3A3acSEToq5MvkFBhXx80IJDzHzHaB3Eyq.rriF0r8uNGk%2BBhzg9pAZGsDBJvmb58mZcDWe49zfklE
.tribalfusion.com/ Name: ANON_ID
Value: asnseFxZduB7RApTrruFgyg6FM1FxSrSExA19ZanZbGgxHdMjWGY1ErGh1ZaOKeOeWpQCMwGn62yZc2547G7YZcXXY
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0NjY2sjQ1tLSwNDA1NjYxNBXiM9Stcgx29TJydUr2zI8AAKBw-7slAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFvFwmtoZmxpZmxqamJsYWgMAME7lncQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0NjY2sjQ1tLSwNDA1NjYxNBXiM9Stcgx29TJydUr2zI-Q4jU0M7Y0MzY1NTG2MDQCAMCOn_k0AAAA
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-79fba116-33cd-498d-8801-7d13cb7e5d83
.pubmatic.com/ Name: SPugT
Value: 1639635543

9 Console Messages

Source Level URL
Text
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://match.prod.bidr.io/cookie-sync/unr?siteId=1082369&_bee_ppp=1
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
other warning URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=26703531;s.a=3213511;p.a=317301178;a.a=509867565;cache=843609538;
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJpTzTI0bUOZyKw0ZR-oPkJxo650VA4jupCdwsWrX6_uZcdfDNSIneF_gGYVpKU0r3pNOK3h4l8tF_jFnpiKMkchioPJdmm
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=rSLNAFZoSgahflKDdpIF4A&google_push=AYg5qPJLdg4ZWXIBzo-1dIJtB7RjA0KyLHgy3q266rjc7RZ1R6FYSQ7WhqarsHnj7XxFOdjpABzKpcZQv2esXvZEO8EDPEH_mlDf
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPL37yjC_66VKuX7LfHO46hqV40_-VLHjFjoaj421hC6dlFYVEOHYPRxfTW6_TMDqu4Ifvs2N7X5vMfrPLxTt0Vmzw9tj-Av
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
a.tribalfusion.com
accounts.google.com
ad.atdmt.com
ad.doubleclick.net
ad.turn.com
ad2.apx.appier.net
ad4m.at
adrta.com
ads.gridtechno.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
analytics.google.com
ap.lijit.com
apis.kompas.com
apps.sascdn.com
as.innity.com
asset-a.grid.id
asset.kompas.com
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
c1.adform.net
ca80dce834654bfd8331102cd11ff467.safeframe.googlesyndication.com
cdn.jsdelivr.net
cdn01.basis.net
ced-ns.sascdn.com
certify.alexametrics.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
core.iprom.net
csi.gstatic.com
csync.loopme.me
d2wy8f7a9ursnm.cloudfront.net
d31qbv1cthcecs.cloudfront.net
d5p.de17a.com
delivery.r2b2.io
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eqx.smartadserver.com
eus.rubiconproject.com
event.clientgear.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
gocm.c.appier.net
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hb.jixie.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
ipv6.adrta.com
kompascybermedia-d.openx.net
loada.exelator.com
log.r2b2.io
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mug.criteo.com
nationalgeographic.co.id
nationalgeographic.grid.id
nep.advangelists.com
node-uk-aesei4.sitescout.com
node-uk-raap3o.sitescout.com
openbid.pubmatic.com
p.rfihub.com
pagead2.googlesyndication.com
pix.adrta.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.everesttech.net
pixel.onaudience.com
pixel.quantserve.com
player.ivideosmart.com
pr-bh.ybp.yahoo.com
prg.smartadserver.com
prg8.smartadserver.com
pubmatic-match.dotomi.com
q.adrta.com
r2b2-emea.adnxs.com
r3---sn-aigl6ner.c.2mdn.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.gumgum.com
rtb.openx.net
rx-stats3.unrulymedia.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s8t.teads.tv
sb.scorecardresearch.com
scripts.jixie.io
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
stgrid.kompas.com
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.teads.tv
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trabd.jixie.io
traid.jixie.io
trc.taboola.com
u.openx.net
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
usermatch.targeting.unrulymedia.com
video.unrulymedia.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www9.smartadserver.com
x.bidswitch.net
ad.atdmt.com
cm.g.doubleclick.net
google2waycm.netmng.com
104.117.200.100
104.75.89.75
104.92.74.8
108.157.3.184
119.81.192.141
13.213.181.211
13.224.189.21
13.225.87.52
13.248.245.213
142.250.184.198
142.250.184.226
142.250.185.130
142.250.186.98
143.204.101.199
143.204.98.23
143.204.98.33
143.204.98.80
143.204.98.87
143.204.98.96
151.101.1.44
151.101.66.49
169.197.150.8
169.50.137.184
172.105.221.29
178.250.0.157
178.250.2.131
178.250.2.151
178.62.202.251
178.79.242.181
18.136.93.127
18.184.229.226
18.196.241.128
18.66.248.5
185.29.134.248
185.33.220.217
185.33.220.242
185.33.221.91
185.59.208.177
185.64.189.110
185.64.189.112
185.64.190.79
185.64.190.80
185.64.191.208
185.86.137.114
185.86.137.17
185.86.138.122
185.94.180.123
193.0.160.128
195.5.165.20
198.148.27.139
198.47.127.19
198.47.127.20
199.187.193.181
2.18.234.21
2.21.111.28
2.21.141.175
2.21.142.98
20.43.132.130
20.44.221.77
2001:4de0:ac18::1:a:3b
2001:678:cb4:bbbb::11
213.155.156.185
213.19.147.44
216.52.2.39
23.20.27.65
23.88.75.188
2600:1f14:b4f:4b03:4fa2:7755:ddb4:2837
2600:9000:2156:2e00:1b:5138:8a40:93a1
2600:9000:2156:4800:8:48e:53c0:93a1
2600:9000:2315:1000:2:9944:c5c0:93a1
2606:4700:3039::6815:c0af
2606:4700::6810:5514
2606:4700::6812:c05
2620:116:800d:21:ee05:6a01:4b41:8c89
2800:3f0:4001:81b::2003
2a00:1450:4001:802::200a
2a00:1450:4001:803::200e
2a00:1450:4001:808::200d
2a00:1450:4001:809::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::2006
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2008
2a00:1450:4009:10::8
2a00:1450:400c:c0c::9d
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:6c00::210:ba0a
2a02:26f0:6c00::210:ba0b
2a02:26f0:de::5c7b:b472
2a02:26f0:fb:199::26e5
2a02:6ea0:c700::10
2a02:fa8:8806:12::1400
2a04:4e42:400::300
2a05:d018:d29:3601:f9a2:1d20:7db2:a370
3.248.66.137
3.33.220.150
34.102.253.54
34.96.119.68
35.153.248.18
35.186.193.173
35.227.252.103
35.244.159.8
37.157.3.30
44.193.191.16
44.235.57.160
44.239.18.79
47.252.78.131
51.210.112.63
52.2.181.154
52.45.33.138
52.46.154.242
52.48.8.1
54.174.249.39
54.224.68.42
54.236.214.209
54.237.255.89
54.73.238.193
54.78.254.47
63.251.232.165
64.233.167.154
66.155.71.106
66.155.71.108
66.155.71.150
69.173.144.165
69.173.151.100
79.133.177.225
85.114.159.118
94.23.171.206
00b3b0b438a1a3e7f01112f487ffb01e64db47935eb0e1e2927bdb4811ee935f
014d7fe9e37fd7ea12010975a66e9c6c40bcc0f2e1f281af694d72980e42bd23
01d8fa0a4a97cfc72b9c4343d43bd68cd3becfbfa7e2a764d3037eb36e5e2063
020b7abbefe06a1902e0d1160e9481ef2e518906dcc5f91bf2ce33f4b1a2341b
04af8114d9db8c32055321b67b53ab177f7e1c0da2b43f74e81bacab8c3fb0c1
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06432589bb496ce3791bde5ffbbe85f108a1193d939bb2bbf3a48edef277a08e
075e76a3c745d49c10187f975555e542f71a307323dc557da26e0ca6ed422d78
0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0
0968958973d172d6d0a05b5de60052a45e93763b31aa8c1e3c68822756131d4e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cd99ca2bfb922fb3c52fa43f406bc0e1412628943e6c216c5f002dc4a50e852
0d81f57e31f9f20545d1708f10b05a4f975b4a7a8bbbf4425d8215ebc22dae18
0dbdf149ed66d1b3400fbfbe5949d49d850b97d7a33222dfa4326b113b1ecc48
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f12ed6744a21d10507ea52d2d6fac2e8ea9ccec2d1042aaadffe44fb7b97a80
0f71e20e99ec986583a4ef29196de57e72871da98b83feb2fa093fae2053ea69
0f9c1717291343eafec960d5abc6ffb183d3260ea8499cce78c48258dbdbe8b5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13393fd832ccc3b68167e58032449109093edeba039430612cc39b81939e97a5
153cda662621f636c86b1846411cd25443b42817078fb734b6b36299e96a523c
154f964dd80cc9ae060d650a9796b30a560afd0db89a5c4a693af0d50f2320ae
1709ddd58f038e7855aaecbbcf57aa20bfa77979437b6e263e6ca5b1037aa77e
1760e24904d16ad7a68ad5f50ed81769f28a990c35563f234fda6f7d069e5f7b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18f2f9dd38f10a8953b89c7bbc62bfabab9b4b39120af12be3ef90b1b86f60e6
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
202b188608427151eb39aed3c2f58f3afe8b854f9ef9d3532e7c6463d7801496
21108ed248c0dcee6c882cffa34d69e67aa645f80e78ba1b7b0c37e29fca2e4c
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2583f80f1d965149efce886cbfaaa2711be88fd18d58e28426df92f2c563d300
25c510808ec0ef74c7ced166e3f9250947af5d840418ad8a9aad4ce0566fee78
267854b1083c97899a2c8cfdb8fa73ce3d3ce304d04145f330654c6a94038ac1
26dae759d01ee4a099c841c13f956f17ef47101ae1b0f4646544ae1750ec7ac4
279689dea41f9426af08caab70e6f7e892f6cd0af670dc9fad7cca8b85131300
2a9e0440f6d7e307945f9fc5e65871f45d2c006574f93959e7aede47e763ec91
2be99b99f418219be8ca7a986038e1a94c5df5b2c91a0c0d9ee35552fbb8fde8
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
33961044e460a6a9e9feba299df9df93aa769b4ff9fd3c0a1b4b393e5dfb3058
33eab5c2f0e3dd967e917f34bf9044ef280a1c73501414c1da75251664e04861
348fb34ed4d889e97ca937d27ec5220a0555dba7a6a1491672f132f69e1f6f16
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
38dbae32ebce629b55095d63cf4867debd2e1d72beb098c2800901607fbd270f
39e69f7c957c9b903db9295c8cfb8c81acff20df04cc63c6d9d153753023f388
3a82fcf5be37b7fa1ca3f1c60e307f1080e42af617bbd85696e95613a97d53ca
3b0c9399b95682009c5bc6479b60026b1463da74dbba7b7fa9d9a46a98889bac
3b1b5beed21ada474a95684d98321977e91bc800065743d586d71b83595ec21c
3b7f16191ccee2f4100735e0c1114aed8bb65e245aa7bf923929f9631ff7f430
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3ce625bed4d56cf75bbc930385e6333bcc8e0fd1b485c542829d17ba1bcac368
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7
3e45b024847c77de06437f176271bb24b23a8eda27a2075df36f0679b1601db5
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1
3fb4e039ecc23d23e5e7169c4dc25f51fec5e1b138a5e282d27e789268637523
3fdd931618eb7007eb05a6ec9f95218690fa4c1f2b35698aa93d807dd2cd17a7
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
4341b76ade3129f6736410fd93575e6722f2604dee1a332a6d2c2ea2b45d36dc
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
45a3e1493c4a0e8e4d092586f2c21ff1f4e507d714e1f46a3a436028dd42f787
4642e07e0c3f759d78e80ccf78459cd4432537f80c2bb1d9c7784842c52b795f
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49621e436525b12f63dc7d366cc42e95a0815196991833456ada04bb72080dfb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f88580815b2c428865833baea91519178784f3292bbaadeedd62b791e66ca3c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51068bc89f46b22820e139bde22a58f847a936d70296dd3b5117efb4b6c80268
51eb7210023b3d8b0c3103b4bb11fc699f48f87adb74f44bf82ced2793f1a5d2
52da09c9a337f4f5af7661a3b7cc2004cab74a86fdf57e99a8e81979d26d770c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e361db1f96f6d40909238f50e8aa52815ce6fbb8c689b24df49f40830b45641
5e65bdd37ea196761942d1db53901d7464f816621511598673fb3e028b584267
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
60f1049eda05e15054d13ac449d2087389816a3e95d09340a9f8a6d3042db8d4
61ab9e52772309b371523082bf77c63298a2b1e166ed7309776bd87193b194b8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ebdd655eb7d82324ded1127e184b1f4a65132a2b4f5ba0e113d3b65cc47b61
6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9
64efdf33ff487ad815c53fe5f819454efd9364a0382e5f410972cfaa918fb66a
656136cf92d62284887324cf2f49d5fcc708d9d63750670d9bf17c58654561c8
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
676359d034469f417493da2135aa2df7914cb6959480248cfc9c0d87d2e3b92c
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6aeaca5eaed6fff9a71fc05e01e896b97db39141fcb4b0bbff8a08fc8754f451
6c661089dddb9797c4617a25a50e392b2c04d3e25911d476e1d55a28e1559fe0
6ce6a72edd698d162f0041b4a32956b2783131668818fcc4f339098858a192d9
6dcb0f292e74d71df27b491baf0c0df5f0341e314e1c04fb59480dbaebf6c514
6e5f1317cc82513c64ed99253fb671fcc6d6b8c5078776a38d7f89da22e75d2d
6f0e5a069925e096855eb8a7c4b83cc4012e7d288dd6e20fd0a5485c7af3a596
6f1d85d65aed92402a876e52e04367d9e2dba0f788e5e791ec21249d07f32dcf
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
714eed23f4bb55c8606d0fb67d4e6de35c01525bea8ee8f4eae8fc7d43e10d73
73d1a396d2811e1352820cc9b38465b4c44dd93eeb08ae7ae5d119532c586847
75bd2c81aaaa5e6cc9aa604002e044cfe4cd5ba57389f8b9f7b070f2331fd138
795c86ca9140f5ab15efd64e171c82cfbd4306cbac92d9a8d766830ab8587ddf
79bea76dc8f96aa37e9fc06fb82ff82bea2267a9ce64a87504780328cdd16d1d
79df698ed9c174a5c956bae06db86fbe887414b4833ba9256436983909727e65
7af716800c55ac4d171e9cd2a374cb4e76135462878a1c0bf2235f7e787b3be2
7b2c2c70b3522ddffbb4f376e6e7207c6153cd28251435f27b4db4ab378a55fa
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
7fe2c3b0ceb44bdfe9ef909e40e1c1ec8601fdff5be704bf380fb2803de3a716
7ff87fffd27717c26dd18f1bbf22eac83b8ba4ef705ed48fc0ad67fc7b913e7a
801d19393cb04ec223da9ba1db93ec1fb2bbee12d7a7411ec3353cb77cbaabc3
8038415b53ff2c8513e8411e32992d0ee139d5509b0069ff4a1a02d8ee6b3024
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
872ea7ee4063955a38cba12456ee480ea5cdbedb33ce8cddbd6e153f4d21d816
87585f78a2a5fd5859e3540a1a6a010d211b04649b6cc5f11ac157655981e212
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
883705df2ab83eb05ffa24d24ed74f45320ebdee2792896192accd4f37ac56cc
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa3b7d107cf98e81e9653443b6907aa7921fe7f0fded1518db5aa0fbf1a48f9
8b56f73a7d56f36e2d5a084f0b4395306e2748b9701a13717e401fbbfbebb201
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861
8ce7ceca72adcf80e0bbb9c8808dd71940e4a6ef98f75c048ca62cc59ebe805c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e4c3f81037f03d7851d0dc5bdc30906d542303fad118bd695131a6bd1116dd8
905fda12a027c0166c312e15c405bf407f2e6c0a520cb133423d71a244b223a5
91f1aa49deaf5d0dd65c0ac747f9717f8fa036b8b12ca43fcad75e96e772866e
9529b0a64a297463ef67485e060c33abd87638cb8a07771b50d7766afb0752ac
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
98089a1caaeab7cde0df23540e16fb5e3fe46c07819c23fb63c0854a64381260
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98fdc3dc9e9d5836958f6e74ff1affdbacb433bf68443c7b373207508499fb2c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9e0667e8795cbdb369cf33057b3aec0949e317f6e3875d22257d95e5f24c8570
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a011c98d20c8afea31a22879b440100871a16d63d657329ce83062146a0778d4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a082bfd96630ab857ec08e4e0055175aae987aea275d450f048ec3fee5de5383
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
a22fbb6b794cd4b81462711d7779a7163a2cd498017b25109042bb97301a3379
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a3577f0bb5e20b6876e66bbec857b0a764bcf380102028cacf3e1d84ade2ca0d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5258e4a55743e27828105d682d011e87d9e85070aeb318542237dcd35ee0fdb
a6bab38dd771d4056ff9339cfec9c45abd47461ab2d930e4c165199e0438dfcf
a6eda7385b411fe168b82e1985435a9489a3ade2542099dda28ed4d2bef31740
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a75f2f4103ce31516602d259d0ae404734adfed5f454e51f52235a51471e2211
a79d0e828e287adcf8a00b934cb03ae8a87abbf6e65ee22bbb85a39a2e298201
a83407132ce4f1d062c40d7203be3b773f57ea6cabda69775a9fcc7e43878ae7
a8e2a57103f338dd64ad7f8a2d8191dd7b23c82c2371223fc97a29140a492fa4
a9e9cd8e6d5169db17a42c768e4d9abab3a5bfaaa98fd09ea4ea26d97246bf5d
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ad95a98c621ef30d7d56b0ecd39fdf31bf0e1bb26a7fbfc8a84ef82940abe61f
aeb19cf3b6630f6c1542112fdbcf31b3b047a44b9eff95c72a322b7a0e6a0e07
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c56f199c51aba42751d11e1df29feac165e5e8f93c7bacaddc72eebaa4c8ed
b2ffadd6dd473ddf322806d456a31ffb76bd77cf484ceeedbb2c46e0abcf3a9c
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b65848b9307eb691e483d0d5d3df6c4fa4349622fddf41851fa8aa33964f3faf
b9855702b5b237c63644afdedef63d59efa873e47237ccd7eea82a1fc4e4b4fa
b9876b883579f27e9579e2f9da8deeaa71cf61640c3215a3a469e48224b78358
b9bf34a4a117795cace257ddf1a2c8002513749a962f2e512823459f55cc3375
bab55278b7b93eef66dd62e1f37c4a987dde388a917274bb7ba21f41044e244e
baea5caffda9109fe3fe251376d60a25ea43c846fa7bb8dc4b15da44a78c6760
bb246f88c8d0ba427dc63f930d976da1c96ae096a34985327d8a3f79e4f18373
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
bcd37221540418727db6cc5406d89f5eb2ab9c1aae926991c269bf37d5d4bad4
bce60bfe080c88aa73346a9176b1a630bb9222cb0f8310ceb2ce465f0500a197
c1c26a5bb3bfa77f5fb1ce077d595df17950c0380ffc566324daa13bbac0bf66
c216a86578660a8f11fb6316ff4aecb0cdc0411f8384ae102963e4c5bde83116
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c652842123aa68b6a963cbd5c40dad40189cf9ab8809894e44ca0f271bd95f0d
caac8746ff2afd391c74e9b00c2d8f63e6c4f1dc7901567000ad3278c678a945
cae022298b8aa4e5cc59ce3e51b6f3ed7a7b2ee804853ec35d11f2b04571813b
cc02acefb5a03e9f29cd49ab8d922d81d98fad29105c9522370936b86f28ec83
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1bd379d2bd3ef28cb6ec7af831573d68d678b81474c632df7b5646f4f1b6247
d584bd3ca71da1da19953f5a7cde43436718d59b40dc304f34faec4ad5a1b58d
d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59
d88522ded868c9364a5256c33de5aa87a534eedb1d012fa35fbf595d1007d3ee
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
d9cf9a0d9992b5d9ad4df82ad98abfe3d16fe49a5bd3f10d7cfc6a5680fef67d
da398887987ebe2b9ca0d31bab4be8d537abe847253d0f203d84f8caa6abf234
daa2e640368b2d588d5401a524142e62fceef1a3fa74000c6a80c0b2581cc9c2
dab57ba48843c1a5838c4f37ffb1efc196fbaf63ee4ffe70bc97e052d36cf690
db41861e19dffee1d1349e68f5be8a6796ac209694d7b25cd52b11f6ecdf3476
dca5d6f7e5b17ce0e464cbee245411efc50c007ccf7dfd32f7ec0fb72655da0f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd416190714defa54fb350c278815c604e4fb1b05acbed5b67f35d8860abd415
de398cef5e0bbe384fc276a961138d8db9fdda2e1a2c8e7c46ca759bdca14640
e02c5a07af7159ee00ded176a6753a09d7a0a59edce22510dbd54d7b965d642d
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e32802ad7ce328a84bdfcbe00ac13e073169a0703896ed8a82ac8b54ae13aa0e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e5be30616d437d2baf9041a6648598542ae30fed30d261b002266e5d58969685
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e8a724be8b8b9c796ba2ea193b6ede02e1d77be80010a7d309d2577f35d8832c
e979c6e62ea0f863b394a8fdddc5004b20d64e570e89da5833fc9304ba1970b7
ebed55e3dee1c7380bedb8bd3978145a2afc56c7285ed6854fc2e4b26a4e3e39
ec6cb1ecb7a1a6b2fc9d46770a569eb42dfbbee2f4e845c7d9436229041e94d3
eef2525c2fdb145070cc666174212f34c138606674ae23e4a7d035a88282a048
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f318c2d9794514096e78e669683ed1baf7e6ae5a1e257d1761ec73680f4ca86a
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f6afef23af834e5f335bf5b8d5d52549c1de6b290997b7254b3398ce275fb723
f93264606087b4c1dd4e0bb8bf2ed92549c53fe8b5f095d214c4e72a765f5482
fdbd6755c5984815158d1cfe6597c7cb75273805431fee40e256cb4b4ffd7016
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914