thefly.com Open in urlscan Pro
2606:4700:10::6816:548 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://thefly.com/portfolios.php
Submission: On January 09 via api (January 9th 2021, 3:28:28 am UTC) from DE

Summary HTTP 156 Redirects Behaviour Indicators

Summary

This website contacted 33 IPs in 7 countries across 30 domains to perform 156 HTTP transactions. The main IP is 2606:4700:10::6816:548, located in United States and belongs to CLOUDFLARENET, US. The main domain is thefly.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 11th 2020. Valid for: a year.

This is the only time thefly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	2606:4700:10:... 2606:4700:10::6816:548	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	3.89.172.80 3.89.172.80	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:a010	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	198.145.13.14 198.145.13.14	2044 (IINET-2044) (IINET-2044)
6	65.9.71.7 65.9.71.7	16509 (AMAZON-02) (AMAZON-02)
1 9	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	147.75.102.200 147.75.102.200	54825 (PACKET) (PACKET)
6	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
4	65.9.68.126 65.9.68.126	16509 (AMAZON-02) (AMAZON-02)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
2	18.185.200.55 18.185.200.55	16509 (AMAZON-02) (AMAZON-02)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	209.234.224.20 209.234.224.20	395162 (MOD-PTC) (MOD-PTC)
1	35.190.91.111 35.190.91.111	15169 (GOOGLE) (GOOGLE)
1 3	172.217.22.6 172.217.22.6	15169 (GOOGLE) (GOOGLE)
1 2	52.95.116.38 52.95.116.38	16509 (AMAZON-02) (AMAZON-02)
26	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	173.236.245.161 173.236.245.161	26347 (DREAMHOST-AS) (DREAMHOST-AS)
1	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE)
2	52.48.18.249 52.48.18.249	16509 (AMAZON-02) (AMAZON-02)
156	33

28 2606:4700:10::6816:548 (United States)

ASN13335 (CLOUDFLARENET, US)

thefly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 3.89.172.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-89-172-80.compute-1.amazonaws.com

u5.investingchannel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
uat5.investingchannel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a010 (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.145.13.14 (United States)

ASN2044 (IINET-2044, US)
PTR: getclicky.com

in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.9.71.7 (Seattle, United States)

ASN16509 (AMAZON-02, US)

dggaenaawxe8z.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.200 (Central, Hong Kong)

ASN54825 (PACKET, US)

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.68.126 (Seattle, United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

investing-channel-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.249 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.200.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-200-55.eu-central-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.234.224.20 (United States)

ASN395162 (MOD-PTC, US)

ad.wsod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.91.111 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 111.91.190.35.bc.googleusercontent.com

lovelydrum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.22.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.116.38 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a28a79952cabb3aecc9a846dcb117b70.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.236.245.161 (Brea, United States)

ASN26347 (DREAMHOST-AS, US)
PTR: ps387620.dreamhostps.com

www.content.iclnd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f226.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.18.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-18-249.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	thefly.com thefly.com	368 KB
25	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com a28a79952cabb3aecc9a846dcb117b70.safeframe.googlesyndication.com	276 KB
15	doubleclick.net 2 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net	153 KB
14	investingchannel.com u5.investingchannel.com uat5.investingchannel.com	192 KB
10	ampproject.org cdn.ampproject.org	195 KB
8	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	90 KB
6	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com	35 KB
6	cloudfront.net dggaenaawxe8z.cloudfront.net	235 KB
4	google.com www.google.com adservice.google.com	2 KB
4	google-analytics.com www.google-analytics.com	19 KB
3	googletagservices.com www.googletagservices.com	87 KB
2	gstatic.com fonts.gstatic.com	22 KB
2	wsod.com ad.wsod.com	2 KB
2	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com Failed	4 KB
2	360yield.com ice.360yield.com	6 KB
2	adnxs.com ib.adnxs.com acdn.adnxs.com Failed	2 KB
2	openx.net investing-channel-d.openx.net eu-u.openx.net Failed	933 B
2	google.de www.google.de adservice.google.de	910 B
2	getclicky.com static.getclicky.com in.getclicky.com	6 KB
1	googleadservices.com partner.googleadservices.com	639 B
1	iclnd.com www.content.iclnd.com	2 KB
1	googleapis.com fonts.googleapis.com	775 B
1	quantserve.com pixel.quantserve.com	210 B
1	moatads.com z.moatads.com	257 B
1	google.ch adservice.google.ch	803 B
1	lovelydrum.com lovelydrum.com	102 KB
1	exelator.com loadus.exelator.com	422 B
0	rlcdn.com Failed api.rlcdn.com Failed
0	smartadserver.com Failed prg.smartadserver.com Failed
0	transactionunification.com Failed www.transactionunification.com Failed
156	30

	Domain	Requested by
28	thefly.com	thefly.com
16	tpc.googlesyndication.com	lovelydrum.com securepubads.g.doubleclick.net thefly.com cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
13	uat5.investingchannel.com	u5.investingchannel.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	securepubads.g.doubleclick.net	1 redirects u5.investingchannel.com securepubads.g.doubleclick.net thefly.com www.googletagservices.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com thefly.com
6	dggaenaawxe8z.cloudfront.net	u5.investingchannel.com thefly.com dggaenaawxe8z.cloudfront.net
4	c.amazon-adsystem.com	thefly.com c.amazon-adsystem.com
4	cdn.krxd.net	thefly.com cdn.krxd.net
4	www.google-analytics.com	thefly.com www.google-analytics.com
3	www.googletagservices.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	ad.doubleclick.net	1 redirects lovelydrum.com thefly.com
2	beacon.krxd.net	cdn.krxd.net thefly.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	a28a79952cabb3aecc9a846dcb117b70.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	consumer.krxd.net	cdn.krxd.net
2	ad.wsod.com	u5.investingchannel.com ad.wsod.com
2	hbopenbid.pubmatic.com	u5.investingchannel.com
2	ice.360yield.com	u5.investingchannel.com
2	ib.adnxs.com	u5.investingchannel.com
2	investing-channel-d.openx.net	u5.investingchannel.com
2	www.google.com	thefly.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.content.iclnd.com	thefly.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	pixel.quantserve.com	securepubads.g.doubleclick.net
1	z.moatads.com	securepubads.g.doubleclick.net
1	adservice.google.ch	securepubads.g.doubleclick.net
1	lovelydrum.com	dggaenaawxe8z.cloudfront.net
1	loadus.exelator.com	u5.investingchannel.com
1	in.getclicky.com	static.getclicky.com
1	www.google.de	thefly.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.getclicky.com	thefly.com
1	u5.investingchannel.com	thefly.com
0	eu-u.openx.net Failed	u5.investingchannel.com
0	ads.pubmatic.com Failed	u5.investingchannel.com
0	acdn.adnxs.com Failed	u5.investingchannel.com
0	api.rlcdn.com Failed	u5.investingchannel.com
0	prg.smartadserver.com Failed	u5.investingchannel.com
0	www.transactionunification.com Failed	thefly.com
156	45

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-11` - `2021-08-11`	a year	crt.sh
*.investingchannel.com Go Daddy Secure Certificate Authority - G2	`2020-05-26` - `2022-06-01`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.getclicky.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-03` - `2022-08-03`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
cdn.krxd.net DigiCert SHA2 Secure Server CA	`2020-03-05` - `2021-03-06`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.360yield.com Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.wsod.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-05-14`	2 years	crt.sh
lovelydrum.com R3	`2021-01-01` - `2021-04-01`	3 months	crt.sh
consumer.krxd.net DigiCert SHA2 Secure Server CA	`2020-09-14` - `2021-09-14`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2020-06-15` - `2021-06-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.ch GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.content.iclnd.com R3	`2020-12-13` - `2021-03-13`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
beacon.krxd.net DigiCert SHA2 Secure Server CA	`2020-01-30` - `2021-01-30`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://thefly.com/portfolios.php
Frame ID: 2F5BD54D545C073050D79930A6855287
Requests: 95 HTTP requests in this frame

Frame: https://uat5.investingchannel.com/start.html
Frame ID: F9ACD0DF343A5025CF9A35BDD55B44B6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 725B8E4DC2922406D105F94B992C9DF5
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_an-db5_sovrn_3lift&dcc=t
Frame ID: 1096C509514FE74E78C0DB73CC9EA5E9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: 9BA61BE506C10F2761EDD7B602DA1646
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnQUyAJSrsPV7QFMUJDh6-1PdOKYcfDC_ZnxRW5skduU1rble_3miIFsxd1TJ1mcNZazaWPPb6afU91nLrcTcn3NWCYIh0LNlX-eTds0dKG3Qt7-qj-QZ9VZSmemb0F8VN1EdYdgm4BaBf3rk7kxct2aO3jANIsIDD5AnKQ0bjOAlmNzvjf6h4kDMVzCWTSOm0bHx-JtzXAqXkqqA_l8D8LR8TUkKp7OiCgSiZTYBhRAWfN-q7KVzbhsG9fZrmsg&sig=Cg0ArKJSzLxDP6cf4fAbEAE&urlfix=1&adurl=
Frame ID: AC658088D3B20AAA53E6169AC2806BAA
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 4ABDC947A943D8E1F888B4A3AAF80B01
Requests: 19 HTTP requests in this frame

Frame: https://a28a79952cabb3aecc9a846dcb117b70.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 3C2DB7052FBC6BDA28D8F1F228397274
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 2B08A6C2FD88C63B1D9794AE185C66BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: 9EA6F6AB2E21B89BCE057E8D0F3FFB27
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&gdpr=0&client=ca-pub-3883965453722003&output=html&h=280&slotname=8459837238&adk=1337925693&adf=3173046728&pi=t.ma~as.8459837238&w=728&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fthefly.com%2Fportfolios.php&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1610162870996&bpp=15&bdt=209&idt=196&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dab6497ae913109a2%3AT%3D1610162870%3AS%3DALNI_MbHRRxhueT87JFq9Up2NWarsJkIgw&correlator=1080671186130&frm=23&ife=4&pv=2&ga_vid=1335814065.1610162869&ga_sid=1610162871&ga_hid=1918775813&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=6&biw=1600&bih=1200&isw=728&ish=90&ifk=2359403880&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=1911991378653564&pem=69&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=o%7Co%7CE%7C&abl=NS&pfx=0&fu=8324&bc=31&ifi=1&uci=1.wivtn6j7rcju&fsb=1&dtd=228
Frame ID: 505F04D43335F520796BDA5015AACDF7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: E0656F26AEDD0B7FEDDE5C4EDC92F811
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 97225A745B68265B9DC4BD2CA56B21E9
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CD34644D35A29737C68D0F4EA17746F2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D4AE9A3DA9E2D208AE20E97DA9AADF8E
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=b8ebf937-0729-479a-9d75-4988d14491af&gdpr=0&us_privacy=1---
Frame ID: 881C411358687F7CB060EDB34E6A0CF9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 435B0E27C632338CBF3BD55947ADB8BC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

156
Requests

92 %
HTTPS

41 %
IPv6

30
Domains

45
Subdomains

33
IPs

7
Countries

1803 kB
Transfer

5701 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_an-db5_sovrn_3lift HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_an-db5_sovrn_3lift&dcc=t

Request Chain 105

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsty-0LEjlnkzn7htgrF39wfSaqriss4i4-ZLtSTY9yD1ST6cshxwF4eYa5ngMxcWuNYFcG8VvywMV8zKiRXhIT9C8Qo1InpbFoRH9dO6zpyYFidoDfBEGw8G-ey1muaaBsOHpNgoVauCUOWHONm2PNRxTM4DENCw84n9VFy79WVuR0nGElAVcZ40fI7_hjnXXU6JQchcg2M0DEfQep1FzDnVObGLl1_QiFxSGhgLerhAZqPb3o4_BX25ohj-jX6nZA&sig=Cg0ArKJSzP85cwHcvqp4EAE&urlfix=1&adurl=https://www.content.iclnd.com/dfp/uattag.js HTTP 302
https://www.content.iclnd.com/dfp/uattag.js

Request Chain 143

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23794173.267051853;dc_trk_aid=461739501;dc_trk_cid=105894660;ord=1382525692;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23794173.267051853;dc_pre=CP-Wh5H0je4CFVXluwgdHZYHog;dc_trk_aid=461739501;dc_trk_cid=105894660;ord=1382525692;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

156 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request portfolios.php Show response
thefly.com/ 24 KB
9 KB 593ms
571ms Document
text/html 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 519379de5383ce63ddca2b12efb082b9513167a67e5f129f3c35e5abe141e281

Request headers

:method: GET
:authority: thefly.com
:scheme: https
:path: /portfolios.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dce85c19d53d5e126749e677bc7717f041610162867; expires=Mon, 08-Feb-21 03:27:47 GMT; path=/; domain=.thefly.com; HttpOnly; SameSite=Lax TheflyUsTr=2a01:4f8:192:5414::2.1610162868380075; path=/; domain=.thefly.com PHPSESSID=t64b0pf95j6n0t6kegspfph780; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 0786c8a6b5000005f9cb808000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 60eb108458b405f9-FRA
content-encoding: gzip

GET
H2 200 bpnLlyJjSaa162UZz5udBO7kyt8.js Show response
thefly.com/cdn-cgi/apps/head/ 6 KB
3 KB 14ms
12ms Script
application/javascript 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefly.com/cdn-cgi/apps/head/bpnLlyJjSaa162UZz5udBO7kyt8.js
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72fc1696c9c7a6528ae0bdf4448593018612e5985a7d03ed82cdc1bf4d3d9ec6

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5521433
cf-ray: 60eb1087fc6805f9-FRA
content-length: 2285
x-amz-id-2: yxJJHCatbB52ZC6jVBlX6NR///OtcvjmqCy8pb53NpF/jO7xbDSyQvqxii9MnOBY+BPgQou5oAE=
last-modified: Tue, 25 Jul 2017 16:35:16 GMT
server: cloudflare
etag: "cb274e3a5befd2d398ab86e688bb8252"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 09B51D307F1C5179
cache-control: public, max-age=31536000
x-amz-version-id: BsXFQHF_7brWfKwqQZJaZY8JBNTWBt_1
cf-request-id: 0786c8a8f7000005f993035000000001
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 log.js Show response
thefly.com/js/ 70 B
206 B 27ms
25ms Script
text/javascript 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefly.com/js/log.js?lastUpdate=202101083423888129
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0305fad1bc8003ec6fac579f9ae05ad7bc877e785b938dd33246f1018256eb90

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1780
cf-polished: origSize=331
cf-bgj: minify
cf-request-id: 0786c8a8f7000005f9cfb9b000000001
last-modified: Tue, 01 Dec 2015 03:22:19 GMT
server: cloudflare
etag: W/"14b-525cdaa4a3482"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400
cf-ray: 60eb1087fc6905f9-FRA
expires: Sat, 09 Jan 2021 03:58:08 GMT

GET
H2 200 jquery-1.7.2.js Show response
thefly.com/js/ 139 KB
40 KB 17ms
16ms Script
text/javascript 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefly.com/js/jquery-1.7.2.js?lastUpdate=202101083423888129
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e84a7fa23c67f2587d494042c196dd11fd2af42cdb0c3099d50ba8b92e8d370

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1780
cf-polished: origSize=252881
cf-bgj: minify
cf-request-id: 0786c8a8f7000005f9b124a000000001
last-modified: Tue, 01 Dec 2015 03:22:19 GMT
server: cloudflare
etag: W/"3dbd1-525cdaa4a3482"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400
cf-ray: 60eb1087fc6a05f9-FRA
expires: Sat, 09 Jan 2021 03:58:08 GMT

GET
H2 200 uniform.css
thefly.com/js/plugins/uniform/css/ 8 KB
2 KB 18ms
16ms Stylesheet
text/css 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefly.com/js/plugins/uniform/css/uniform.css
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15d1eed96196a78616c28f3ce96fc081c4a63752ee5992a34bc25697c54dc521

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 160618
cf-polished: origSize=10643
cf-bgj: minify
cf-request-id: 0786c8a8f7000005f982bb6000000001
last-modified: Tue, 01 Dec 2015 03:22:19 GMT
server: cloudflare
etag: W/"2993-525cdaa494234"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
cf-ray: 60eb1087fc6105f9-FRA
expires: Sat, 06 Feb 2021 06:50:50 GMT

GET
H2 200 uniform.fotw.css
thefly.com/js/plugins/uniform/css/ 8 KB
2 KB 15ms
13ms Stylesheet
text/css 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefly.com/js/plugins/uniform/css/uniform.fotw.css
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6476d5263e61ce1751967fd00c36a39ee4a34ff44ce4cdbe76ed8c69de1f5bd8

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 160618
cf-polished: origSize=10097
cf-bgj: minify
cf-request-id: 0786c8a8f7000005f9fb334000000001
last-modified: Tue, 01 Dec 2015 03:22:19 GMT
server: cloudflare
etag: W/"2771-525cdaa494234"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
cf-ray: 60eb1087fc6205f9-FRA
expires: Sat, 06 Feb 2021 06:50:50 GMT

GET
H2 200 jquery.fancybox-1.3.4.css
thefly.com/js/plugins/fancybox/ 7 KB
2 KB 14ms
13ms Stylesheet
text/css 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefly.com/js/plugins/fancybox/jquery.fancybox-1.3.4.css
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b85d9a094de874f837238dbf441f9d32d76e0f26591ecb1288df633e7a9e1cb2

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 596177
cf-polished: origSize=9035
cf-bgj: minify
cf-request-id: 0786c8a8f7000005f9aea3e000000001
last-modified: Tue, 01 Dec 2015 03:22:19 GMT
server: cloudflare
etag: W/"234b-525cdaa49cb36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
cf-ray: 60eb1087fc6405f9-FRA
expires: Mon, 01 Feb 2021 05:51:31 GMT

GET
H2 200 jplayer.thefly.css
thefly.com/css/blue.monday/ 10 KB
3 KB 17ms
16ms Stylesheet
text/css 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefly.com/css/blue.monday/jplayer.thefly.css
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73ba2c44e72314f1533ec539aa0dd1d25d37baa75c5e0cc8da03026ed838b3b6

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 160618
cf-polished: origSize=13736
cf-bgj: minify
cf-request-id: 0786c8a8f7000005f9f08a5000000001
last-modified: Tue, 01 Dec 2015 03:22:19 GMT
server: cloudflare
etag: W/"35a8-525cdaa4b5d44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
cf-ray: 60eb1087fc6505f9-FRA
expires: Sat, 06 Feb 2021 06:50:50 GMT

GET
H2 200 todos.css
thefly.com/css/ 322 KB
51 KB 20ms
20ms Stylesheet
text/css 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefly.com/css/todos.css?lastUpdate=202101083423888129
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ae2289a04d59fc5904d17cc79f1da847c53a5659a21f07e5f4ea3eb74175742

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 77904
cf-polished: origSize=412080
cf-bgj: minify
cf-request-id: 0786c8a8f7000005f9ba87f000000001
last-modified: Tue, 18 Aug 2020 16:46:00 GMT
server: cloudflare
etag: W/"649b0-5ad299f3c858d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
cf-ray: 60eb1087fc6705f9-FRA
expires: Sun, 07 Feb 2021 05:49:24 GMT

GET
H2 200 uat.js Show response
u5.investingchannel.com/static/ 665 KB
179 KB 387ms
134ms Script
text/plain 3.89.172.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://u5.investingchannel.com/static/uat.js
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.172.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-172-80.compute-1.amazonaws.com
Software: Jetty(9.4.12.v20180830) /
Resource Hash: 9369a9de9d5fb7bba0550025ced0c99796c6418ffc2ab9d01d5d54457e0c3f8e

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
cache-control: public, must-revalidate, max-age=7200, stale-while-revalidate=300
server: Jetty(9.4.12.v20180830)
content-encoding: gzip
etag: "064f6b2b340a28e843a585a6810ccf127--gzip"
vary: Accept-Encoding, User-Agent
content-type: text/plain;charset=utf-8

GET
H2 200 login_new.png
thefly.com/images/buttons/ 1007 B
1 KB 20ms
17ms Image
image/png 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefly.com/images/buttons/login_new.png
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69b3a7d3971147834282815864af92a54b9fad19ad3c31bf8787cf688c1d6d80

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Dec 2015 03:22:18 GMT
server: cloudflare
age: 329476
etag: "3ef-525cdaa453b33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 60eb10883cb305f9-FRA
content-length: 1007
cf-request-id: 0786c8a925000005f9f8a50000000001
expires: Thu, 04 Feb 2021 07:56:32 GMT

GET
H2 200 search_nav.png
thefly.com/images/buttons/ 2 KB
2 KB 16ms
13ms Image
image/png 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefly.com/images/buttons/search_nav.png
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df57456cc75c2d66b5dbb7f6e5e0db047dc2d900928c3d96d7e8f216e4a9063e

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Dec 2015 03:22:18 GMT
server: cloudflare
age: 2411217
etag: "7b7-525cdaa453f1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 60eb10883cb405f9-FRA
content-length: 1975
cf-request-id: 0786c8a925000005f9bfb65000000001
expires: Mon, 11 Jan 2021 05:40:51 GMT

GET
H2 200 twitter.png
thefly.com/images/social/ 301 B
433 B 17ms
14ms Image
image/png 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefly.com/images/social/twitter.png
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb3e2b3c82e48fbd3512ab22d5b4f75dea2d93a81da50bbd345523d6e94c0b79

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
cf-cache-status: HIT
last-modified: Mon, 07 Mar 2016 22:55:39 GMT
server: cloudflare
age: 419171
etag: "12d-52d7d5d193220"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 60eb10883cb505f9-FRA
content-length: 301
cf-request-id: 0786c8a925000005f9962d0000000001
expires: Wed, 03 Feb 2021 07:01:37 GMT

GET
H2 200 linkedin.png
thefly.com/images/social/ 273 B
441 B 16ms
13ms Image
image/png 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefly.com/images/social/linkedin.png
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0da043217416a60756cf5d226f80eb9f24db0c0a20db3a556cb9cf8fc9273990

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
cf-cache-status: HIT
last-modified: Mon, 07 Mar 2016 22:55:39 GMT
server: cloudflare
age: 248863
etag: "111-52d7d5d193220"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 60eb10883cb605f9-FRA
content-length: 273
cf-request-id: 0786c8a925000005f9ee0d2000000001
expires: Fri, 05 Feb 2021 06:20:05 GMT

GET
H2 200 facebook.png
thefly.com/images/social/ 262 B
395 B 19ms
17ms Image
image/png 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefly.com/images/social/facebook.png
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbd68a2050371d1fecc77bf097f4f32accf4c106db81c52929312469c4d8a01a

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
cf-cache-status: HIT
last-modified: Mon, 07 Mar 2016 22:55:39 GMT
server: cloudflare
age: 423558
etag: "106-52d7d5d193220"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 60eb10883cb705f9-FRA
content-length: 262
cf-request-id: 0786c8a926000005f985031000000001
expires: Wed, 03 Feb 2021 05:48:30 GMT

GET
H2 200 flecha_negra.png
thefly.com/images/backgrounds/ 279 B
411 B 17ms
14ms Image
image/png 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefly.com/images/backgrounds/flecha_negra.png
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 932effc0f5998b31562b7405f76bb0fcab537feeb4d15a9fc919bbbb3c235e9e

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Dec 2015 03:22:18 GMT
server: cloudflare
age: 251222
etag: "117-525cdaa472b0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 60eb10883cb805f9-FRA
content-length: 279
cf-request-id: 0786c8a926000005f999996000000001
expires: Fri, 05 Feb 2021 05:40:46 GMT

GET
H2 200 todosE.js Show response
thefly.com/js/ 346 KB
95 KB 23ms
23ms Script
text/javascript 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefly.com/js/todosE.js?lastUpdate=202101083423888129
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a87d5a2618a7f45cdee90de310ff578341ccec4871e24bf7b0a528a27d2e940d

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1779
cf-polished: origSize=409971
cf-bgj: minify
cf-request-id: 0786c8a911000005f9fbaab000000001
last-modified: Fri, 20 Nov 2020 04:48:10 GMT
server: cloudflare
etag: W/"64173-5b4828d248245"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400
cf-ray: 60eb10881c8f05f9-FRA
expires: Sat, 09 Jan 2021 03:58:09 GMT

GET
H2 200 todosM.js Show response
thefly.com/js/ 26 KB
8 KB 11ms
10ms Script
text/javascript 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefly.com/js/todosM.js?lastUpdate=202101083423888129
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 973011e1531b51329b0dcc897c4126fe6359f40c1d586ebea477abf0b80439c6

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1779
cf-polished: origSize=36943
cf-bgj: minify
cf-request-id: 0786c8a912000005f9aea3f000000001
last-modified: Fri, 20 Nov 2020 04:48:10 GMT
server: cloudflare
etag: W/"904f-5b4828d267e18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400
cf-ray: 60eb10881c9205f9-FRA
expires: Sat, 09 Jan 2021 03:58:09 GMT

GET
H2 200 todosN.js Show response
thefly.com/js/ 131 KB
34 KB 24ms
20ms Script
text/javascript 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefly.com/js/todosN.js?lastUpdate=202101083423888129
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92f942febe29a19ad8b6bda7c65c75ea6f405ee3fe19e4732dbfb8a5a3f71342

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1779
cf-polished: origSize=243491
cf-bgj: minify
cf-request-id: 0786c8a925000005f9c5090000000001
last-modified: Fri, 20 Nov 2020 04:48:10 GMT
server: cloudflare
etag: W/"3b723-5b4828d282fb3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400
cf-ray: 60eb10883cb205f9-FRA
expires: Sat, 09 Jan 2021 03:58:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: thefly.com
URL: https://thefly.com/cdn-cgi/apps/head/bpnLlyJjSaa162UZz5udBO7kyt8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 496
date: Sat, 09 Jan 2021 03:19:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sat, 09 Jan 2021 05:19:32 GMT

GET
H2 200 js Show response
static.getclicky.com/ 15 KB
6 KB 36ms
12ms Script
text/javascript 2606:4700::6810:a010
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: thefly.com
URL: https://thefly.com/cdn-cgi/apps/head/bpnLlyJjSaa162UZz5udBO7kyt8.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a010 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c29235c7537fb21c1de7b20aec0870b95532cdc39b60a00d45a72c2a7fb2376

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 192689
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 60eb10885d78d6dd-FRA
x-proxy-cache: HIT
cf-request-id: 0786c8a93b0000d6dd0090f000000001
expires: Sat, 16 Jan 2021 03:27:48 GMT

GET tag.js
www.transactionunification.com/ 0
0

GET
H2 200 logo_thefly_small.png
thefly.com/images/ 5 KB
5 KB 17ms
16ms Image
image/png 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefly.com/images/logo_thefly_small.png
Requested by: Host: thefly.com
URL: https://thefly.com/css/todos.css?lastUpdate=202101083423888129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eef83c043d43a01abc7ff72382a56ad10047c6b101d9dc260c2f5095c4d91284

Request headers

Referer: https://thefly.com/css/todos.css?lastUpdate=202101083423888129
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Dec 2015 03:22:18 GMT
server: cloudflare
age: 71991
etag: "151f-525cdaa47ea73"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 60eb10883cb905f9-FRA
content-length: 5407
cf-request-id: 0786c8a926000005f9b8a7c000000001
expires: Sun, 07 Feb 2021 07:27:57 GMT

GET
H2 200 fixed_footer.png
thefly.com/images/backgrounds/ 978 B
1 KB 18ms
16ms Image
image/png 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefly.com/images/backgrounds/fixed_footer.png
Requested by: Host: thefly.com
URL: https://thefly.com/css/todos.css?lastUpdate=202101083423888129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14a215625e8412d70a808b1171b87a7a74c533449aa00193e16425c1692d1454

Request headers

Referer: https://thefly.com/css/todos.css?lastUpdate=202101083423888129
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Dec 2015 03:22:18 GMT
server: cloudflare
age: 423558
etag: "3d2-525cdaa46f0b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 60eb10884cba05f9-FRA
content-length: 978
cf-request-id: 0786c8a929000005f993ad5000000001
expires: Wed, 03 Feb 2021 05:48:30 GMT

GET
H2 200 popup_button.png
thefly.com/images/backgrounds/ 239 B
371 B 13ms
12ms Image
image/png 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefly.com/images/backgrounds/popup_button.png
Requested by: Host: thefly.com
URL: https://thefly.com/css/todos.css?lastUpdate=202101083423888129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 165c1be7386197552c3580bee608f4873a0c6e0082a59b3719e7d5de26da2b0d

Request headers

Referer: https://thefly.com/css/todos.css?lastUpdate=202101083423888129
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Dec 2015 03:22:18 GMT
server: cloudflare
age: 1988841
etag: "ef-525cdaa46fc2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 60eb10884cbb05f9-FRA
content-length: 239
cf-request-id: 0786c8a929000005f99f31f000000001
expires: Sat, 16 Jan 2021 03:00:27 GMT

GET
H2 200 footer_flies.png
thefly.com/images/backgrounds/ 2 KB
2 KB 13ms
12ms Image
image/png 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefly.com/images/backgrounds/footer_flies.png
Requested by: Host: thefly.com
URL: https://thefly.com/css/todos.css?lastUpdate=202101083423888129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4524830103b2783567d7278038c21e3bd9e75d1cec6f23b499fb5a431f64e6fa

Request headers

Referer: https://thefly.com/css/todos.css?lastUpdate=202101083423888129
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Dec 2015 03:22:18 GMT
server: cloudflare
age: 339118
etag: "674-525cdaa4713d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 60eb10884cbc05f9-FRA
content-length: 1652
cf-request-id: 0786c8a929000005f99c248000000001
expires: Thu, 04 Feb 2021 05:15:50 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
124 B 40ms
13ms XHR
text/plain 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1057649367&t=pageview&_s=1&dl=https%3A%2F%2Fthefly.com%2Fportfolios.php&ul=en-us&de=UTF-8&dt=My%20Portfolios%20-%20The%20Fly&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=996184122&gjid=1305679763&cid=1335814065.1610162869&tid=UA-57334935-1&_gid=453774170.1610162869&_r=1&_slc=1&z=277023789

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jan 2021 03:27:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thefly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
384 B 6ms
6ms Image
image/gif 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1057649367&t=timing&_s=2&dl=https%3A%2F%2Fthefly.com%2Fportfolios.php&ul=en-us&de=UTF-8&dt=My%20Portfolios%20-%20The%20Fly&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=Page%20Requests&utv=%2Fportfolios.php&utl=Request%20%2Fportfolios.php&utt=7&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=1335814065.1610162869&tid=UA-57334935-1&_gid=453774170.1610162869&z=51001751

Requested by

Host: thefly.com
URL: https://thefly.com/portfolios.php

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 14:22:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47109
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fotw_form_sprites.png
thefly.com/js/plugins/uniform/images/ 1 KB
1 KB 22ms
21ms Image
image/png 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefly.com/js/plugins/uniform/images/fotw_form_sprites.png
Requested by: Host: thefly.com
URL: https://thefly.com/js/plugins/uniform/css/uniform.fotw.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb4189e4ba0ba9d8f5692c13fd8781fcb8921b3fcfb82cfbe0a0c678ab758178

Request headers

Referer: https://thefly.com/js/plugins/uniform/css/uniform.fotw.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Dec 2015 03:22:19 GMT
server: cloudflare
age: 512715
etag: "43a-525cdaa493294"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 60eb1088ed5d05f9-FRA
content-length: 1082
cf-request-id: 0786c8a98d000005f901b2b000000001
expires: Tue, 02 Feb 2021 05:02:33 GMT

GET
H2 200 sprites_header.png
thefly.com/images/backgrounds/ 1 KB
1 KB 14ms
12ms Image
image/png 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefly.com/images/backgrounds/sprites_header.png
Requested by: Host: thefly.com
URL: https://thefly.com/css/todos.css?lastUpdate=202101083423888129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 778d325177d923c0845704654ffff3a5535a1538fc8c88c325f813023d81915a

Request headers

Referer: https://thefly.com/css/todos.css?lastUpdate=202101083423888129
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Dec 2015 03:22:18 GMT
server: cloudflare
age: 480443
etag: "497-525cdaa46d905"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 60eb1088ed6705f9-FRA
content-length: 1175
cf-request-id: 0786c8a992000005f998904000000001
expires: Tue, 02 Feb 2021 14:00:25 GMT

GET
H2 200 promo_filter_news.png
thefly.com/images/backgrounds/ 65 KB
65 KB 14ms
13ms Image
image/png 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefly.com/images/backgrounds/promo_filter_news.png
Requested by: Host: thefly.com
URL: https://thefly.com/css/todos.css?lastUpdate=202101083423888129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f89190ea49ebbb0325482e376d555016f168ac3666a01db9e7ea475b1c18803

Request headers

Referer: https://thefly.com/css/todos.css?lastUpdate=202101083423888129
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Dec 2015 03:22:18 GMT
server: cloudflare
age: 767692
etag: "104d9-525cdaa474e72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 60eb1088ed6805f9-FRA
content-length: 66777
cf-request-id: 0786c8a993000005f9c5095000000001
expires: Sat, 30 Jan 2021 06:12:56 GMT

GET
H2 200 promo_create_portfolios.png
thefly.com/images/backgrounds/ 34 KB
34 KB 15ms
14ms Image
image/png 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefly.com/images/backgrounds/promo_create_portfolios.png
Requested by: Host: thefly.com
URL: https://thefly.com/css/todos.css?lastUpdate=202101083423888129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 751b2c7babc557222134852842d3181e389d4009ccdd0c73517bd98efb8334a2

Request headers

Referer: https://thefly.com/css/todos.css?lastUpdate=202101083423888129
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Dec 2015 03:22:18 GMT
server: cloudflare
age: 767692
etag: "87dc-525cdaa473e94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 60eb1088ed6905f9-FRA
content-length: 34780
cf-request-id: 0786c8a993000005f9dc321000000001
expires: Sat, 30 Jan 2021 06:12:56 GMT

GET
H2 200 promo_stay_informed.png
thefly.com/images/backgrounds/ 4 KB
4 KB 15ms
14ms Image
image/png 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefly.com/images/backgrounds/promo_stay_informed.png
Requested by: Host: thefly.com
URL: https://thefly.com/css/todos.css?lastUpdate=202101083423888129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af692c6c9e2e76031b5256084c9d83a3adb36d7f1ff6ef830e81053f613bd56c

Request headers

Referer: https://thefly.com/css/todos.css?lastUpdate=202101083423888129
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Dec 2015 03:22:18 GMT
server: cloudflare
age: 593486
etag: "fec-525cdaa470416"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 60eb1088ed6a05f9-FRA
content-length: 4076
cf-request-id: 0786c8a993000005f9cfba2000000001
expires: Mon, 01 Feb 2021 06:36:22 GMT

GET
H2 200 ui-bg_glass_75_ffffff_1x400.png
thefly.com/css/images/ 107 B
238 B 14ms
13ms Image
image/png 2606:4700:10::6816:548
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefly.com/css/images/ui-bg_glass_75_ffffff_1x400.png
Requested by: Host: thefly.com
URL: https://thefly.com/css/todos.css?lastUpdate=202101083423888129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f5ecbbd2965ce36b5b47226f59485bd4fbdf038c460b082a2cdb6dcec01ff4d

Request headers

Referer: https://thefly.com/css/todos.css?lastUpdate=202101083423888129
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:48 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Dec 2015 03:22:19 GMT
server: cloudflare
age: 512714
etag: "6b-525cdaa4b2694"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 60eb1088ed6c05f9-FRA
content-length: 107
cf-request-id: 0786c8a994000005f9bfb6a000000001
expires: Tue, 02 Feb 2021 05:02:34 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1057649367&t=pageview&_s=3&dl=https%3A%2F%2Fthefly.com%2Fportfolios.php&ul=en-us&de=UTF-8&dt=My%20Portfolios%20-%20The%20Fly&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAAC~&jid=&gjid=&cid=1335814065.1610162869&tid=UA-57334935-1&_gid=453774170.1610162869&cd1=notlogged&z=1369799290

Requested by

Host: thefly.com
URL: https://thefly.com/portfolios.php

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jan 2021 14:22:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47109
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
84 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-57334935-1&cid=1335814065.1610162869&jid=996184122&gjid=1305679763&_gid=453774170.1610162869&_u=IEBAAEAAAAAAAC~&z=1818326325

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 09 Jan 2021 03:27:48 GMT
content-type: text/plain
access-control-allow-origin: https://thefly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-57334935-1&cid=1335814065.1610162869&jid=996184122&_u=IEBAAEAAAAAAAC~&z=398130028

Requested by

Host: thefly.com
URL: https://thefly.com/portfolios.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jan 2021 03:27:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-57334935-1&cid=1335814065.1610162869&jid=996184122&_u=IEBAAEAAAAAAAC~&z=398130028

Requested by

Host: thefly.com
URL: https://thefly.com/portfolios.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jan 2021 03:27:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 in.php Show response
in.getclicky.com/ 155 B
450 B 508ms
169ms Script
text/javascript 198.145.13.14
IINET-2044

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=100767783&type=pageview&href=%2Fportfolios.php&title=My%20Portfolios%20-%20The%20Fly&res=1600x1200&lang=en&jsuid=2508325060&mime=js&x=0.5747994379228563
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.145.13.14 , United States, ASN2044 (IINET-2044, US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash: bcfe7be7165a63bc569b4f2df05b2096cea9d8c11fa92e26a8ddb043c5087fa2

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:49 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 0e5c08ae-fecf-41c6-8671-93ae635c67af Show response
uat5.investingchannel.com/data/ 41 KB
10 KB 130ms
129ms XHR
application/json 3.89.172.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://uat5.investingchannel.com/data/0e5c08ae-fecf-41c6-8671-93ae635c67af?browsersize=1600x1200&consentsknown=null&usprivacy=&pageurl=https%3A%2F%2Fthefly.com%2Fportfolios.php
Requested by: Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.172.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-172-80.compute-1.amazonaws.com
Software: Jetty(9.4.12.v20180830) /
Resource Hash: 475626821a590dd7c49a2dc258469975d632757b8698352860b7a17221b6e932

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jan 2021 03:27:49 GMT
content-encoding: gzip
server: Jetty(9.4.12.v20180830)
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://thefly.com
cache-control: private, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 start.html
uat5.investingchannel.com/ Frame F9AC 0
0 124ms
124ms Document
text/html 3.89.172.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://uat5.investingchannel.com/start.html
Requested by: Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.172.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-172-80.compute-1.amazonaws.com
Software: Jetty(9.4.12.v20180830) /
Resource Hash

Request headers

:method: GET
:authority: uat5.investingchannel.com
:scheme: https
:path: /start.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thefly.com/portfolios.php
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ic_uid=29860548-393e-463d-baa7-46a585529578
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thefly.com/portfolios.php

Response headers

date: Sat, 09 Jan 2021 03:27:49 GMT
content-type: text/html
content-length: 141
last-modified: Mon, 04 Jan 2021 08:08:14 GMT
accept-ranges: bytes
etag: "0e7fb45d71f6309302efe48b17ede1768"
vary: Accept-Encoding, User-Agent
server: Jetty(9.4.12.v20180830)

GET
H2 200 predictive.js Show response
dggaenaawxe8z.cloudfront.net/predictive/ 895 KB
222 KB 100ms
45ms Script
text/javascript 65.9.71.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js
Requested by: Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.7 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c62ba31d908a6c8feb2342a0f658e1afd2a4df88208733e8871f893da290aec6

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 01:55:47 GMT
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 16:04:25 GMT
server: AmazonS3
age: 5529
etag: "8d1a0b47ca29820b511f9044ab9828a6"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
cache-control: public, must-revalidate, max-age=7200, stale-while-revalidate=300
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 226731
x-amz-cf-id: FK0DXw0miWNynTurycS6iSArh_7hfSe9UmoSNvghMP1lHxjuX82zCg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 56 KB
19 KB 102ms
42ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

sffe /

Resource Hash

c01e354196be9c9b8ac673fde3aa5569f36daaaeaef56db8c6080a6b7140d83d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "749 / 568 of 1000 / last-modified: 1610154819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19000
x-xss-protection: 0
expires: Sat, 09 Jan 2021 03:27:49 GMT

GET
H2 200 / Show response
loadus.exelator.com/load/ 40 B
422 B 136ms
44ms Script
application/x-javascript 147.75.102.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://loadus.exelator.com/load/?p=763&g=104&j=c&callback=ic_exelate_callback
Requested by: Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.200 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: 4393298c72815a6b2013b3250dbe323fc1ed93e19686564fd4b8467c4580a04f

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
content-type: application/x-javascript;charset=UTF-8
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2 200 txe9jbx58.js Show response
cdn.krxd.net/controltag/ 18 KB
6 KB 82ms
26ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/txe9jbx58.js
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a079b6f2029be09d9b500ba0ef7d10f164b4fb1e3ca266466ee8e845314484d3

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Sat, 09 Jan 2021 03:27:49 GMT
via: 1.1 varnish, 1.1 varnish
age: 718
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 5343
x-served-by: config-service-a002-ash-prod.krxd.net, cache-bwi5134-BWI, cache-hhn4027-HHN
x-response-time: 0
x-do-esi: esi
x-timer: S1610162869.474869,VS0,VE0
etag: "ec984a908b0d5a5f7b9c32861f142c31d4792a43"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 2, 14

GET
H2 200 thefly.js Show response
dggaenaawxe8z.cloudfront.net/cmp_v2/admiral/ 2 KB
1 KB 76ms
26ms Script
application/javascript 65.9.71.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dggaenaawxe8z.cloudfront.net/cmp_v2/admiral/thefly.js
Requested by: Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.7 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0df3d84aedf0de8f2397c11fbe562bf1ddd59986e3494c311b3e42c0e4488f6c

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 12:20:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2020 10:32:55 GMT
server: AmazonS3
age: 54451
etag: W/"07e4b34d16da4d14d12f7802b9e50f11"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Te-avm6pWEWxynMBSgFA-vZHGmkl6X8GFK6HPsKl39oJnTDlmFuiUw==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 116 KB
30 KB 99ms
44ms Script
application/javascript 65.9.68.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:24:46 GMT
content-encoding: gzip
server: Server
age: 183
etag: 089c185b065ebe3e9c21625b16dea242
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: _tJcEejvI3lMG1vG763SOdL7bPxWjlBE
x-amz-cf-id: uIH1DSA8KQbZ9na_ct0B3vTy4foVfGS6tmNh3pownwpIleLxTv_Dxw==

GET
H2 200 arj Show response
investing-channel-d.openx.net/w/1.0/ 189 B
567 B 94ms
37ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://investing-channel-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fthefly.com%2Fportfolios.php&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=04c5ac71-afde-4f52-ac7f-7f754cacfa80%2C60dbd643-c7e5-4e4e-9cc1-527f58ad2c4d%2C1b3e9dec-cd06-498f-8944-840370c69a48%2Cfd244f6c-3016-4adf-8712-85842377b2d5%2C893c4b88-fc38-48d2-afde-1a5e979c784b&nocache=1610162869430&us_privacy=1---&aus=728x90%7C728x90%2C970x250%7C300x250%2C300x600%2C300x1050%7C300x250%2C300x600%2C300x1050%7C160x600&divIds=investingchannel_div_6820165323451868%2Cinvestingchannel_div_9473038018047318%2Cinvestingchannel_div_5885505428035709%2Cinvestingchannel_div_9999625216369598%2Cinvestingchannel_div_8217723590861883&auid=539046157%2C539046157%2C539046157%2C539046157%2C539046157
Requested by: Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.200.0 /
Resource Hash: c6e173d569c2324c9470c5756f665f552769d12787b3ecb694248452102b5e26

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jan 2021 03:27:49 GMT
content-encoding: gzip
server: OXGW/16.200.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://thefly.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 174
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST v1
prg.smartadserver.com/prebid/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 601 B
1 KB 96ms
38ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

53a065daabe4586450ee3cdf842106f6cf207537522b82a45a2b321220812826

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 09 Jan 2021 03:27:49 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.82:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5713112a-6f88-437f-b80b-4976b1fe927d
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://thefly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 hb Show response
ice.360yield.com/ 298 B
712 B 589ms
534ms XHR
application/json 18.185.200.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2231e6385a2154118%22%2C%22version%22%3A%227.1.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fthefly.com%2Fportfolios.php%22%2C%22us_privacy%22%3A%221---%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2220cd4f756fa6408%22%2C%22pid%22%3A%2222328716%22%2C%22tid%22%3A%2204c5ac71-afde-4f52-ac7f-7f754cacfa80%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%2C%7B%22id%22%3A%22215fe47ad8bee4%22%2C%22pid%22%3A%2222328717%22%2C%22tid%22%3A%2260dbd643-c7e5-4e4e-9cc1-527f58ad2c4d%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2222cf20e6bb17409%22%2C%22pid%22%3A%2222328713%22%2C%22tid%22%3A%221b3e9dec-cd06-498f-8944-840370c69a48%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%7D%5D%7D%7D%2C%7B%22id%22%3A%22238531d62bea043%22%2C%22pid%22%3A%2222328714%22%2C%22tid%22%3A%22fd244f6c-3016-4adf-8712-85842377b2d5%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%7D%5D%7D%7D%2C%7B%22id%22%3A%2224f895e36509edb%22%2C%22pid%22%3A%2222271527%22%2C%22tid%22%3A%22893c4b88-fc38-48d2-afde-1a5e979c784b%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%5D%7D%7D
Requested by: Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.200.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-200-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 66e307645ee3fd4c4710f96472f4ef45b43776177cbf4c02800a8370c4a116c2

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thefly.com
date: Sat, 09 Jan 2021 03:27:50 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 298
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
112 B 178ms
110ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thefly.com
date: Sat, 09 Jan 2021 03:27:48 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK / Show response
ad.wsod.com/pub/37693cfc748049e45d87b8c7d8b9aacd/0.0.async/ 3 KB
2 KB 568ms
143ms Script
text/html 209.234.224.20
MOD-PTC

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.wsod.com/pub/37693cfc748049e45d87b8c7d8b9aacd/0.0.async/
Requested by: Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.234.224.20 , United States, ASN395162 (MOD-PTC, US),
Reverse DNS
Software: nginx / PHP/5.4.16
Resource Hash: f1cc9f5409d9874e01b189708718f2b7b95040032f7e046c64fba300046c6fb0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 09 Jan 2021 03:27:49 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 adhesion.js Show response
dggaenaawxe8z.cloudfront.net/adhesion/ 1 KB
991 B 118ms
100ms Script
application/javascript 65.9.71.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dggaenaawxe8z.cloudfront.net/adhesion/adhesion.js
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.7 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58d8d3cfac103489c3d020e035a630104ff0105341d715235413da18b3eee2ff

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 00:30:05 GMT
content-encoding: gzip
last-modified: Mon, 22 Jun 2020 07:49:17 GMT
server: AmazonS3
age: 10665
etag: W/"cbb9a5a65139050dc0d6d5c4bde802ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: ZZhrSyvOsg--w_-iBNmXdT82VeMZr1Ec_4Piu9bPDHuq-mJoxPIrGg==

GET
H2 200 v2ipskCTawtP08ch3K34UvYz3wWXXHjVruCcbg2D-qfdLJ0I1sKSWbxzr Show response
lovelydrum.com/ 530 KB
102 KB 300ms
242ms Script
text/javascript 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lovelydrum.com/v2ipskCTawtP08ch3K34UvYz3wWXXHjVruCcbg2D-qfdLJ0I1sKSWbxzr

Requested by

Host: dggaenaawxe8z.cloudfront.net
URL: https://dggaenaawxe8z.cloudfront.net/cmp_v2/admiral/thefly.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

707e2a77d785636a074054813e3a0e3c1854fc60455c4f6f911317b9da2c87a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "cba950f76c070d5e2bb717a9b13e3dcfb86ad4cfed264a5986b93b2a4649b7b7"
vary: Accept-Encoding, Accept-Language
x-hostname: 711b148b
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Sat, 09 Jan 2021 03:27:49 GMT
timing-allow-origin: *

GET
H2 200 controltag.js.0631b7d64dbbd3656a8b7368ad227a04 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 27ms
27ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/txe9jbx58.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Sat, 09 Jan 2021 03:27:49 GMT
content-encoding: gzip
age: 7412476
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 9366883
content-length: 84451
x-served-by: cache-hhn4027-HHN
last-modified: Thu, 15 Oct 2020 07:09:29 GMT
x-timer: S1610162870.509252,VS0,VE0
etag: "0631b7d64dbbd3656a8b7368ad227a04"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 13 Oct 2030 07:09:28 GMT

GET
H3-Q050 200 pubads_impl_2021010705.js Show response
securepubads.g.doubleclick.net/gpt/ 274 KB
97 KB 75ms
42ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

sffe /

Resource Hash

49e0a45588654bdf62c81286a336f875b3858a2611b559c95ef3f8d267e1f2ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Jan 2021 20:48:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99000
x-xss-protection: 0
expires: Sat, 09 Jan 2021 03:27:49 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 86ms
29ms XHR
application/javascript 65.9.68.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: qvfBoISJ5ymXoV8clHCjrjeaYCNnawpM
content-encoding: gzip
etag: "a4d296427fc806b21335359e398c025c"
age: 33287
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 23 Dec 2020 21:52:09 GMT
server: AmazonS3
date: Fri, 08 Jan 2021 18:13:03 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: g21BhZI5H1Ou8ywBJDzv0QJ47le2RcpLl5I47dmKgm1Y6e6zBs7aCw==

GET
H2 200 adhesion_cross.png
dggaenaawxe8z.cloudfront.net/adhesion/ 1 KB
1 KB 28ms
26ms Image
image/png 65.9.71.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dggaenaawxe8z.cloudfront.net/adhesion/adhesion_cross.png
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.7 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 915e27ed57a3253e5b06be504aa52344824f3ce054e2d5251565c8b36debf302

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 22:54:37 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jun 2020 13:37:15 GMT
server: AmazonS3
age: 50445
etag: "2e92c1d58fd91ed5d1aa6e08d67fdb27"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1103
x-amz-cf-id: 10lT10MHHrWAoyQMIltceXGw3_t7ZoG5xHOw3H79xG6zk_-X67Qw3g==

GET
H2 200 model.json Show response
dggaenaawxe8z.cloudfront.net/predictive/model/0e5c08ae-fecf-41c6-8671-93ae635c67af/ 3 KB
1 KB 79ms
26ms Fetch
application/json 65.9.71.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dggaenaawxe8z.cloudfront.net/predictive/model/0e5c08ae-fecf-41c6-8671-93ae635c67af/model.json
Requested by: Host: dggaenaawxe8z.cloudfront.net
URL: https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.7 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 207a3625cdb5a72ea75bb3ac030d05406428ba3e4250a6aaaee3525c4a43403b

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 01:32:55 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 6895
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 12 Feb 2020 16:04:21 GMT
server: AmazonS3
etag: W/"11cbcf897e0e0d52e1433c37b95432eb"
access-control-max-age: 1800
access-control-allow-methods: GET
content-type: application/json
via: 1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
cache-control: public, must-revalidate, max-age=7200, stale-while-revalidate=300
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: E8ckkLYZb6mF-e32dpsAOmjAyGjdUrpfWqBocSOjQxRMaMiXdwAkNw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 156 B
525 B 384ms
384ms XHR
text/javascript 65.9.68.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3310&u=https%3A%2F%2Fthefly.com%2Fportfolios.php&pid=LXioTejrwS89z&cb=0&ws=1600x1200&v=7.58.01&t=1900&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22Desktop%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22Desktop%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22Desktop%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22Desktop%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22Desktop%22%7D%5D&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 9359837f4d2ab522851c14eab424791fec76dce3f31c16658da2e7cb9684a445

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:49 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA56-C1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://thefly.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 151
via: 1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
x-amz-cf-id: Ws3BSXennRdkOOgtFRqBba_9HuC_91qBkJ0SOSJvjOHQPEtFQnmNZw==

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 725B 0
0 26ms
26ms Document
text/html 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cdn.krxd.net
:scheme: https
:path: /partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thefly.com/portfolios.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thefly.com/portfolios.php

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 09 Jan 2021 03:27:49 GMT
via: 1.1 varnish
age: 9261381
x-served-by: cache-hhn4027-HHN
x-cache: HIT
x-cache-hits: 2252287
x-timer: S1610162870.668545,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H2 200 9427dd0d-835c-471c-a5db-ab01ae8a681c Show response
consumer.krxd.net/consent/get/ 249 B
438 B 104ms
50ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/9427dd0d-835c-471c-a5db-ab01ae8a681c?idt=device&dt=kxcookie&callback=Krux.ns.investingchannelinc.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5195609afbc1fca03f3200b50d97a90a8eb0e4652108db990a1aa9a1c9f7a0af

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:49 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a011-dub-prod.krxd.net, cache-hhn4082-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1610162870.767506,VS0,VE25
content-length: 199
x-cache-hits: 0, 0

GET
H2 200 group1-shard1of1.bin Show response
dggaenaawxe8z.cloudfront.net/predictive/model/0e5c08ae-fecf-41c6-8671-93ae635c67af/ 8 KB
8 KB 29ms
28ms Fetch
application/octet-stream 65.9.71.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dggaenaawxe8z.cloudfront.net/predictive/model/0e5c08ae-fecf-41c6-8671-93ae635c67af/group1-shard1of1.bin
Requested by: Host: dggaenaawxe8z.cloudfront.net
URL: https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.7 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc0c8984bae302e47fbdd8d5aac8cfd94991221f6a05a4e9b3350c91cbd40ba4

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:21:48 GMT
via: 1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 409
x-cache: Hit from cloudfront
content-length: 8004
last-modified: Wed, 12 Feb 2020 16:04:21 GMT
server: AmazonS3
etag: "57e49470986bd9ca285914ac2e06645e"
access-control-max-age: 1800
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=7200, stale-while-revalidate=300
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: FaM0-FGBiSnS-ePg7bOAUD8d1m4k3VPi04CZzsShDCLgTkvblaqGTg==

GET
H2 200 9427dd0d-835c-471c-a5db-ab01ae8a681c Show response
consumer.krxd.net/consent/set/ 314 B
364 B 101ms
56ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/set/9427dd0d-835c-471c-a5db-ab01ae8a681c?idt=device&dt=kxcookie&dc=1&al=1&tg=1&cd=1&sh=1&re=1&callback=Krux.ns.investingchannelinc.kxjsonp_consent_set_1
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9b38bc62845043237ea3c748d214d8d1646b8d303add77e4796da7f16ee33734

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:49 GMT
via: 1.1 varnish
x-timer: S1610162870.767497,VS0,VE27
x-served-by: consumer-a002-dub-prod.krxd.net, cache-hhn4082-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=10
x-age: 0
accept-ranges: bytes
content-encoding: gzip
content-length: 250
x-cache-hits: 0, 0

GET
H2 200 Bsmplb Show response
ad.doubleclick.net/ddm/adj/Amixf/ 11 B
551 B 97ms
35ms Script
text/javascript 172.217.22.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/Amixf/Bsmplb

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/v2ipskCTawtP08ch3K34UvYz3wWXXHjVruCcbg2D-qfdLJ0I1sKSWbxzr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jan 2021 03:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 1610162869;0,0,0;1600x1200x1;https%3A_@2F_@2Fthefly.com_@2Fportfolios.php;;; Show response
ad.wsod.com/pub/37693cfc748049e45d87b8c7d8b9aacd/1.0.async/ 223 B
903 B 154ms
154ms Script
text/html 209.234.224.20
MOD-PTC

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.wsod.com/pub/37693cfc748049e45d87b8c7d8b9aacd/1.0.async/1610162869;0,0,0;1600x1200x1;https%3A_@2F_@2Fthefly.com_@2Fportfolios.php;;;
Requested by: Host: ad.wsod.com
URL: https://ad.wsod.com/pub/37693cfc748049e45d87b8c7d8b9aacd/0.0.async/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.234.224.20 , United States, ASN395162 (MOD-PTC, US),
Reverse DNS
Software: nginx / PHP/5.4.16
Resource Hash: 4e38dd5d0fd0845a2b9bcd01c18e9c33185cfc3a59c419a72e4133055144dbcd

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Jan 2021 03:27:50 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 1096
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_an-db5_sovrn_3lift
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_an-db5_sovrn_3lift&dcc=t

0
0

205ms
205ms

Document
text/html

52.95.116.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_an-db5_sovrn_3lift&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://thefly.com/portfolios.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A7eT3UIhxEreiHPh0oMffSI|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thefly.com/portfolios.php

Response headers

Server: Server
Date: Sat, 09 Jan 2021 03:27:50 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 217
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A7eT3UIhxEreiHPh0oMffSI; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 03:27:50 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Apr-2026 03:27:50 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Sat, 09 Jan 2021 03:27:50 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_n-emx_n-vmg_rx_ox-db5_dm_an-db5_sovrn_3lift&dcc=t
Set-Cookie: ad-id=A7eT3UIhxEreiHPh0oMffSI|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 03:27:50 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame 9BA6 0
0 25ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/v2ipskCTawtP08ch3K34UvYz3wWXXHjVruCcbg2D-qfdLJ0I1sKSWbxzr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thefly.com/portfolios.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thefly.com/portfolios.php

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1479
date: Tue, 05 Jan 2021 03:19:06 GMT
expires: Wed, 05 Jan 2022 03:19:06 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 346124
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 21 KB
9 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eccd35a63a7b80bbfd3a64bb7be75b327bf9292b7c603c8d31c0247962223819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 8761
x-xss-protection: 0
server: cafe
etag: 16638491572200565323
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Jan 2021 04:27:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 109 B
803 B 48ms
14ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=thefly.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jan 2021 03:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 34ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=thefly.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jan 2021 03:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 84 KB
25 KB 484ms
483ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=269999813441665&correlator=2288529118982642&output=ldjh&impl=fifs&eid=21068773%2C21069145%2C21069767&vrg=2021010705&gdpr=0&us_privacy=1---&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210109&iu_parts=5206%2CTheFly%2Cequities%2Csearchbx%2Cforex&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F2&prev_iu_szs=728x90%2C320x50%7C300x250%7C300x600%7C300x1050%2C88x31%2C160x600%7C120x600%2C1x1&fluid=0%2Cheight%2C0%2C0%2C0&ists=1&prev_scp=uat5%3Dtrue%26adslot%3Dd_728x90_1%26rnd%3D6820165323451868%26tile%3D1%26pos%3D1%26tl%3Dequities%26kval%3Dequities%26adx_b%3De8%26h%3D3%26arc%3D0%26art%3Do%26fp%3D1%26ivp%3D100%26bs%3D1600x1200%26ap%3D353x6%26rp%3D353x6%26tid%3D340%26a9_79%3D0%26nx_79%3D0%26pm_79%3D0%26oxb_79%3D0%26pb_79%3D0%26ml_79%3D70%26xu%3D0%26dnt%3Dfalse%26d%3Dd%26viewCount%3D01%26ord%3De1ad82c4-745a-4923-b112-87395af95c08%26dt%3Dpg%26rft%3Ddi%26usn%3Dthefly%26is_search%3Dfalse%26uc%3Dt%26bsc%3D87010254%2C99000001%2C84132004%2C99012001%2C99012003%2C99012004%2C99012012%2C84131001%7Cuat5%3Dtrue%26adslot%3Dd_300x250_1%26rnd%3D5885505428035709%26tile%3D3%26pos%3D1%26tl%3Dequities%26kval%3Dequities%26adx_b%3De8%26h%3D3%26arc%3D0%26art%3Do%26fp%3D1%26ivp%3D100%26bs%3D1600x1200%26ap%3D1047x152%26rp%3D1047x152%26tid%3D342%26a9_32%3D0%26nx_32%3D0%26pm_32%3D0%26oxb_32%3D0%26pb_32%3D0%26ml_32%3D70%26ml_36%3D80%26ml_31%3D90%26xu%3D0%26dnt%3Dfalse%26d%3Dd%26viewCount%3D01%26ord%3De1ad82c4-745a-4923-b112-87395af95c08%26dt%3Dpg%26rft%3Ddi%26usn%3Dthefly%26is_search%3Dfalse%26uc%3Dt%26bsc%3D87010254%2C99000001%2C84132004%2C99012001%2C99012003%2C99012004%2C99012012%2C84131001%7Ckval%3Dsearchbx%26uat5%3Dtrue%26adslot%3Dd_88x31_1%26rnd%3D7613187635784682%26tile%3D5%26pos%3D1%26tl%3Dsearchbx%26adx_b%3De3%26h%3D3%26arc%3D0%26art%3Do%26fp%3D1%26ivp%3D100%26bs%3D1600x1200%26ap%3D1071x110%26rp%3D1071x110%26tid%3D344%26xu%3D-1%26dnt%3Dfalse%26d%3Dd%26viewCount%3D01%26ord%3De1ad82c4-745a-4923-b112-87395af95c08%26dt%3Dpg%26rft%3Ddi%26usn%3Dthefly%26is_search%3Dfalse%26uc%3Df%26bsc%3D87010254%2C99000001%2C84132004%2C99012001%2C99012003%2C99012004%2C99012012%2C84131001%7Cadslot%3Dd_floater_1%26uat5%3Dtrue%26rnd%3D8217723590861883%26tile%3D7%26pos%3D1%26tl%3Dforex%26kval%3Dforex%26adx_b%3De4%26h%3D3%26arc%3D0%26art%3Do%26fp%3D1%26ivp%3D100%26bs%3D1600x1200%26ap%3D5x150%26rp%3D5x150%26tid%3D3092%26a9_16%3D0%26nx_16%3D0%26pm_16%3D0%26oxb_16%3D0%26pb_16%3D0%26ml_16%3D80%26xu%3D0%26dnt%3Dfalse%26d%3Dd%26viewCount%3D01%26ord%3De1ad82c4-745a-4923-b112-87395af95c08%26dt%3Dpg%26rft%3Ddi%26usn%3Dthefly%26is_search%3Dfalse%26uc%3Dt%26bsc%3D87010254%2C99000001%2C84132004%2C99012001%2C99012003%2C99012004%2C99012012%2C84131001%7Cuat5%3Dtrue%26adslot%3Dd_OOP_1%26rnd%3D9174939227471992%26tile%3D8%26pos%3D1%26tl%3Dequities%26kval%3Dequities%26adx_b%3De3%26h%3D3%26arc%3D0%26art%3Do%26fp%3D1%26ivp%3D100%26bs%3D1600x1200%26ap%3D353x5%26rp%3D353x5%26tid%3D346%26xu%3D-1%26dnt%3Dfalse%26d%3Dd%26viewCount%3D01%26ord%3De1ad82c4-745a-4923-b112-87395af95c08%26dt%3Dpg%26rft%3Ddi%26usn%3Dthefly%26is_search%3Dfalse%26uc%3Df%26bsc%3D87010254%2C99000001%2C84132004%2C99012001%2C99012003%2C99012004%2C99012012%2C84131001&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1610162870&dt=1610162870277&dlt=1610162868470&idt=1204&frm=20&biw=1600&bih=1200&oid=3&adxs=353%2C1047%2C1071%2C5%2C353&adys=6%2C152%2C110%2C150%2C5&adks=1120371712%2C3943956559%2C3890475695%2C1920754904%2C891938934&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthefly.com%2Fportfolios.php&vis=1&dmc=8&scr_x=0&scr_y=0&psz=738x-1%7C310x260%7C88x-1%7C160x-1%7C738x-1&msz=728x-1%7C300x250%7C88x-1%7C160x-1%7C1x-1&ga_vid=1335814065.1610162869&ga_sid=1610162870&ga_hid=1057649367&fws=516%2C4%2C516%2C516%2C516&ohw=738%2C310%2C1600%2C1600%2C738&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

b1b1c03c5d793e4cc623f6706ce7130ab4d629046b9998ec593790d38ce6bc2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25035
x-xss-protection: 0
google-lineitem-id: 5072505556,-1,-2,-1,5419961198
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138271334797,-1,-2,-1,138316713527
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://thefly.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a28a79952cabb3aecc9a846dcb117b70.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 47ms
13ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a28a79952cabb3aecc9a846dcb117b70.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 34ms
20ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

OPTIONS
H2 200 /
uat5.investingchannel.com/log/report/ Frame 0
0 361ms
120ms Other 3.89.172.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://uat5.investingchannel.com/log/report/?gdprapplicable=false&uspstatus=NOT_APPLICABLE
Protocol: H2
Server: 3.89.172.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-172-80.compute-1.amazonaws.com
Software: Jetty(9.4.12.v20180830) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://thefly.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 09 Jan 2021 03:27:50 GMT
content-length: 0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
access-control-allow-origin: https://thefly.com
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
server: Jetty(9.4.12.v20180830)

OPTIONS
H2 200 /
uat5.investingchannel.com/log/error/ Frame 0
0 360ms
120ms Other 3.89.172.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://uat5.investingchannel.com/log/error/?gdprapplicable=false&uspstatus=NOT_APPLICABLE
Protocol: H2
Server: 3.89.172.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-172-80.compute-1.amazonaws.com
Software: Jetty(9.4.12.v20180830) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://thefly.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 09 Jan 2021 03:27:50 GMT
content-length: 0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
access-control-allow-origin: https://thefly.com
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
server: Jetty(9.4.12.v20180830)

POST
H2 201 / Show response
uat5.investingchannel.com/log/report/ 0
444 B 154ms
153ms XHR
text/plain 3.89.172.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://uat5.investingchannel.com/log/report/?gdprapplicable=false&uspstatus=NOT_APPLICABLE
Requested by: Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.172.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-172-80.compute-1.amazonaws.com
Software: Jetty(9.4.12.v20180830) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 09 Jan 2021 03:27:50 GMT
server: Jetty(9.4.12.v20180830)
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://thefly.com
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 201 / Show response
uat5.investingchannel.com/log/error/ 0
444 B 125ms
124ms XHR
text/plain 3.89.172.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://uat5.investingchannel.com/log/error/?gdprapplicable=false&uspstatus=NOT_APPLICABLE
Requested by: Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.172.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-172-80.compute-1.amazonaws.com
Software: Jetty(9.4.12.v20180830) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 09 Jan 2021 03:27:50 GMT
server: Jetty(9.4.12.v20180830)
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://thefly.com
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AC65 0
0 66ms
65ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnQUyAJSrsPV7QFMUJDh6-1PdOKYcfDC_ZnxRW5skduU1rble_3miIFsxd1TJ1mcNZazaWPPb6afU91nLrcTcn3NWCYIh0LNlX-eTds0dKG3Qt7-qj-QZ9VZSmemb0F8VN1EdYdgm4BaBf3rk7kxct2aO3jANIsIDD5AnKQ0bjOAlmNzvjf6h4kDMVzCWTSOm0bHx-JtzXAqXkqqA_l8D8LR8TUkKp7OiCgSiZTYBhRAWfN-q7KVzbhsG9fZrmsg&sig=Cg0ArKJSzLxDP6cf4fAbEAE&urlfix=1&adurl=

Requested by

Host: thefly.com
URL: https://thefly.com/portfolios.php

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jan 2021 03:27:50 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AC65 132 KB
46 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cd6c76a10fe27d9e6f00a11328b5d233bd90d38c8407a85877a55c8fd2a3530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47080
x-xss-protection: 0
server: cafe
etag: 16593419199845738291
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Jan 2021 03:27:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC65 104 KB
32 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3883f68873f90990477e30fd92c238a8427dd44d552b024db13b715dde6a7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936934338688"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32510
x-xss-protection: 0
expires: Sat, 09 Jan 2021 03:27:50 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/investingchanneldfp968162900681/ Frame AC65 0
257 B 3141ms
52ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/investingchanneldfp968162900681/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:53 GMT
last-modified: Thu, 22 Aug 2019 15:29:54 GMT
server: AmazonS3
x-amz-request-id: DA43C1CEEBC611BF
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-type: application/x-javascript
cache-control: max-age=48698
accept-ranges: bytes
content-length: 0
x-amz-id-2: f6ayxaGDFoQgfyOLU6YI8L+nnVPb+CGjMD+FNaDDn+/qypBxSoAgyLyYcLpRbI2XKnFdLLIyaXE=

GET
H2 200 p-ed9LRhNGf2zt2.gif
pixel.quantserve.com/pixel/ Frame AC65 35 B
210 B 8ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-ed9LRhNGf2zt2.gif?labels=_campaign.media.AID.30511459.CID.263021059.LIID.5072505556

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jan 2021 03:27:50 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 4ABD 180 KB
50 KB 76ms
12ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 117198
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Thu, 07 Jan 2021 18:54:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jan 2022 18:54:32 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 4ABD 13 KB
5 KB 75ms
11ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 239898
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 06 Jan 2021 08:49:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jan 2022 08:49:32 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 4ABD 90 KB
28 KB 69ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 202088
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Wed, 06 Jan 2021 19:19:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jan 2022 19:19:42 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 4ABD 3 KB
1 KB 81ms
18ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 202088
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 06 Jan 2021 19:19:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jan 2022 19:19:42 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 4ABD 41 KB
13 KB 79ms
16ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 292276
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Tue, 05 Jan 2021 18:16:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jan 2022 18:16:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4ABD 6 KB
775 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 09 Jan 2021 03:10:31 GMT
server: ESF
date: Sat, 09 Jan 2021 03:27:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Jan 2021 03:27:50 GMT

GET
H3-Q050 200 2076313506083323656
tpc.googlesyndication.com/simgad/17527736172889298435/ Frame 4ABD 47 KB
48 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17527736172889298435/2076313506083323656

Requested by

Host: thefly.com
URL: https://thefly.com/portfolios.php

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f057cc8e7dfee6c9ca776ababf68d1b94481200b05cd6296073f15dd207507ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 08:37:01 GMT
x-content-type-options: nosniff
age: 240649
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48603
x-xss-protection: 0
last-modified: Mon, 20 Jul 2020 14:09:01 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jan 2022 08:37:01 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11083055018876131630/ Frame 4ABD 3 KB
4 KB 51ms
48ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11083055018876131630/downsize_200k_v1?w=200&h=200

Requested by

Host: thefly.com
URL: https://thefly.com/portfolios.php

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70d04d23d88bef9f3e847a45832b3a4a40c71462820cc78fb29ae85a5c726a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 16:17:33 GMT
x-content-type-options: nosniff
age: 126617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3497
x-xss-protection: 0
last-modified: Wed, 06 Mar 2019 13:22:37 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jan 2022 16:17:33 GMT

GET
DATA 200
OK truncated
/ Frame 4ABD 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4ABD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22f0153cb3229ca4206038916fb1858183b3fe7a00557450205f4f3fafea0f06

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4ABD 2 KB
3 KB 8ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: thefly.com
URL: https://thefly.com/portfolios.php

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 23:34:27 GMT
x-content-type-options: nosniff
server: cafe
age: 14003
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 09 Jan 2021 23:34:27 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4ABD 295 B
389 B 9ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: thefly.com
URL: https://thefly.com/portfolios.php

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 20069
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 09 Jan 2021 21:53:21 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 4ABD 0
0 76ms
26ms Image
text/html 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTuFcIrzZ01FTmpQpwkWNhJ97gKYU4IqrV66VOE1FbpMc_DpS3z5QNmz-fbVKfYcQmU4jtniUSY8DguNVhVUIbvbaIuZQ
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4ABD 0
0 50ms
49ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CvBYptiL5X9P5FIKR7_UPupy4uAPF3YrwX5mTqIaKDJWT_M3_GhABIK-J4BVg9ZXOgeAEoAHjz-i3A8gBCakCdfzfgFTysj7gAgCoAwHIAwqqBOgBT9Aa5f-P5b07iiCTFuaAcfJS31kNyY1xI0sC8Vzl5r5ivrtbF2BIxkxlVsnfkGRu52O3gneDBBwS8qUVA8cLyuJW2JPoXm7bBnKoNXuIzkVhc5rk6sciBrBp9RjoP4gvAueiWmqPf6xZgcKoLFFvBeAw5uZv73iT0URdManKs0xWjQdioDT7QjZkkk7iHRsSZWuiOkW_JddXsvKVXUnr5oXyrZQDfBtY8bNeFovEbznl0MqLmJ4MQh-K2mnnB_9OaZsPpbZYBtQ8ePBSbojU6EdC8Iw2W5J8okFivtWmWaljxtGz0ULJusAEk6ejh5ID4AQBkgUECAQYAZIFBAgFGASgBi6AB4Wwl0ioB9XJG6gH8NkbqAfy2RuoB5SYsQKoB6XfG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCD_V3SCAcIgGEQARgd8ggbYWR4LXN1YnN5bi0zMzU3ODkxMjI3NzY1NjgzgAoDyAsB2BMNiBQCshcaChgIARIUcHViLTE5MDkyMzEyOTM4NTg0MjU&sigh=82QJkIlKEqc&template_id=484&tpd=AGWhJmsCj_YJSiiSrQsQY-I1x6wCBw8FbxgIWyUxNLz7Tz988A
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f194.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 19ms
14ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936916402840"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28340
x-xss-protection: 0
expires: Sat, 09 Jan 2021 03:27:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 4ABD 11 KB
11 KB 8ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thefly.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 15:35:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 129137
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Fri, 07 Jan 2022 15:35:33 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 4ABD 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thefly.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 06:19:46 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 248884
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Thu, 06 Jan 2022 06:19:46 GMT

GET
H3-Q050 200 container.html
a28a79952cabb3aecc9a846dcb117b70.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 3C2D 0
0 27ms
13ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a28a79952cabb3aecc9a846dcb117b70.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a28a79952cabb3aecc9a846dcb117b70.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thefly.com/portfolios.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thefly.com/portfolios.php

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Sat, 09 Jan 2021 03:27:50 GMT
expires: Sun, 09 Jan 2022 03:27:50 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

uattag.js Show response
www.content.iclnd.com/dfp/
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsty-0LEjlnkzn7htgrF39wfSaqriss4i4-ZLtSTY9yD1ST6cshxwF4eYa5ngMxcWuNYFcG8VvywMV8zKiRXhIT9C8Qo1InpbFoRH9dO6zpyYFidoDfBEGw8G-ey1muaaBsOHpNgoVauC...
https://www.content.iclnd.com/dfp/uattag.js

4 KB
2 KB

1644ms
123ms

Script
application/javascript

173.236.245.161
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.content.iclnd.com/dfp/uattag.js
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.236.245.161 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps387620.dreamhostps.com
Software: Apache /
Resource Hash: df5e58bf7e82c948a6df30990c5ec998b9aa930529e5f21075964b962c31c9dc

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:52 GMT
content-encoding: gzip
last-modified: Thu, 17 Sep 2020 14:10:23 GMT
server: Apache
etag: "1199-5af82f1f8f210-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1565
expires: Mon, 08 Feb 2021 03:27:52 GMT

Redirect headers

timing-allow-origin: *
date: Sat, 09 Jan 2021 03:27:50 GMT
x-content-type-options: nosniff
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.content.iclnd.com/dfp/uattag.js
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2B08 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3a22329d820e642587d825dc8f21e76edc25c3d28738674652a3a7aec25b25

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AC65 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b0e68c2b3d5155cb5549f8c2cc1dbfd85ac0644ad1382ce732b18e4104d58dc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ Frame AC65 234 KB
88 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Jan 2021 03:27:51 GMT

GET
H3-Q050 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 9EA6 0
0 49ms
49ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201203/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thefly.com/portfolios.php
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUki5bKYv6axvAOI1EbiRmBvSOwBEVv6oHNnmkyoAm_R6Vr1y416Ua5649vZ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thefly.com/portfolios.php

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 08 Jan 2021 12:24:21 GMT
expires: Fri, 22 Jan 2021 12:24:21 GMT
content-type: text/html; charset=UTF-8
etag: 10723747146953794269
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4923
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 54210
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4ABD 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 23:34:27 GMT
x-content-type-options: nosniff
server: cafe
age: 14004
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 09 Jan 2021 23:34:27 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4ABD 295 B
326 B 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 20070
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 09 Jan 2021 21:53:21 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame AC65 200 B
639 B 97ms
35ms Script
text/javascript 216.58.205.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=thefly.com&callback=_gfp_s_&client=ca-pub-3883965453722003&cookie=ID%3Dab6497ae913109a2%3AT%3D1610162870%3AS%3DALNI_MbHRRxhueT87JFq9Up2NWarsJkIgw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s24-in-f226.1e100.net

Software

cafe /

Resource Hash

9097266b76d883a7d579e4d00b2e17e48b3b3afa0a884563052692364bf90f1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame AC65 109 B
803 B 40ms
21ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=thefly.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jan 2021 03:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame AC65 109 B
781 B 41ms
27ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=thefly.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jan 2021 03:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 505F 0
0 311ms
310ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&gdpr=0&client=ca-pub-3883965453722003&output=html&h=280&slotname=8459837238&adk=1337925693&adf=3173046728&pi=t.ma~as.8459837238&w=728&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fthefly.com%2Fportfolios.php&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1610162870996&bpp=15&bdt=209&idt=196&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dab6497ae913109a2%3AT%3D1610162870%3AS%3DALNI_MbHRRxhueT87JFq9Up2NWarsJkIgw&correlator=1080671186130&frm=23&ife=4&pv=2&ga_vid=1335814065.1610162869&ga_sid=1610162871&ga_hid=1918775813&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=6&biw=1600&bih=1200&isw=728&ish=90&ifk=2359403880&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=1911991378653564&pem=69&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=o%7Co%7CE%7C&abl=NS&pfx=0&fu=8324&bc=31&ifi=1&uci=1.wivtn6j7rcju&fsb=1&dtd=228

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&gdpr=0&client=ca-pub-3883965453722003&output=html&h=280&slotname=8459837238&adk=1337925693&adf=3173046728&pi=t.ma~as.8459837238&w=728&fwrn=3&fwrnh=100&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fthefly.com%2Fportfolios.php&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1610162870996&bpp=15&bdt=209&idt=196&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dab6497ae913109a2%3AT%3D1610162870%3AS%3DALNI_MbHRRxhueT87JFq9Up2NWarsJkIgw&correlator=1080671186130&frm=23&ife=4&pv=2&ga_vid=1335814065.1610162869&ga_sid=1610162871&ga_hid=1918775813&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=6&biw=1600&bih=1200&isw=728&ish=90&ifk=2359403880&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=1911991378653564&pem=69&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=o%7Co%7CE%7C&abl=NS&pfx=0&fu=8324&bc=31&ifi=1&uci=1.wivtn6j7rcju&fsb=1&dtd=228
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thefly.com/portfolios.php
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUki5bKYv6axvAOI1EbiRmBvSOwBEVv6oHNnmkyoAm_R6Vr1y416Ua5649vZ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thefly.com/portfolios.php

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 09 Jan 2021 03:27:51 GMT
server: cafe
content-length: 22865
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC65 74 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936916402840"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28340
x-xss-protection: 0
expires: Sat, 09 Jan 2021 03:27:51 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4ABD 42 B
79 B 21ms
21ms Image
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvi8sEwQQvt44Mlh1QxfjVdoFzs7WuwAQYOpe2OrNSd08_sbn0CEVo-x3VMRzi6-Y_xh0vTNc7fON_RQm8kGHTi_9SuiF48-T9saGa5M9-US2dNv2zejvNzmblbVjwnsEZBSusdGyfsV0C2cBsadA&sai=AMfl-YSRF_ZQ8zLUGEBhbkRIUVr2MFt-3ifafjm6bfhUU2biYXFZeKZkYE2YlMdlTt9ArJuTIJDQ5uSqV5Nel2FLLP-HT9eHIgx-4G3bB3yym4jbzUmJ5-I8qcRoLsCu&sig=Cg0ArKJSzEfDByex-SOgEAE&cid=CAASFeRokbmMtLZa-Uby4Ya13RR8gp-FlQ&id=ampim&o=1047,152&d=300,1050&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=150&tls=1151&g=99.80952143669128&h=99.80952143669128&tt=1151&r=v&avms=ampa&adk=3943956559

Requested by

Host: thefly.com
URL: https://thefly.com/portfolios.php

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jan 2021 03:27:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 201 / Show response
uat5.investingchannel.com/log/report/ 0
444 B 124ms
124ms XHR
text/plain 3.89.172.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://uat5.investingchannel.com/log/report/?gdprapplicable=false&uspstatus=NOT_APPLICABLE
Requested by: Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.172.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-172-80.compute-1.amazonaws.com
Software: Jetty(9.4.12.v20180830) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 09 Jan 2021 03:27:52 GMT
server: Jetty(9.4.12.v20180830)
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://thefly.com
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 200 /
uat5.investingchannel.com/log/report/ Frame 0
0 120ms
119ms Other 3.89.172.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://uat5.investingchannel.com/log/report/?gdprapplicable=false&uspstatus=NOT_APPLICABLE
Protocol: H2
Server: 3.89.172.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-172-80.compute-1.amazonaws.com
Software: Jetty(9.4.12.v20180830) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://thefly.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 09 Jan 2021 03:27:52 GMT
content-length: 0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
access-control-allow-origin: https://thefly.com
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
server: Jetty(9.4.12.v20180830)

GET
H2 200 equities Show response
uat5.investingchannel.com/target/ 56 B
449 B 120ms
120ms XHR
text/plain 3.89.172.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://uat5.investingchannel.com/target/equities
Requested by: Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.172.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-172-80.compute-1.amazonaws.com
Software: Jetty(9.4.12.v20180830) /
Resource Hash: b8d50df734a285f57dc2d6316ea5d8e562af822b10d5dc928341d19d15966057

Request headers

Accept: */*
Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:52 GMT
server: Jetty(9.4.12.v20180830)
etag: "0846b26ae56c11c0cac63f8da23bab205"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://thefly.com
cache-control: public, must-revalidate, max-age=180
access-control-allow-credentials: true
content-type: text/plain;charset=utf-8
content-length: 56

GET
H2 200 optout_check Show response
beacon.krxd.net/ 92 B
250 B 49ms
49ms Script
text/javascript 52.48.18.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.investingchannelinc.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.18.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-18-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: cb9d10d5b3f6cee94c098bf8de2b40c4579c76e5d22a093df7b4ea4915fbcddc

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:52 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=40 t=1610162872
x-served-by: beacon-n011-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 353 B
529 B 129ms
128ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=9427dd0d-835c-471c-a5db-ab01ae8a681c&technographics=1&callback=Krux.ns.investingchannelinc.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f92cdbed9bfa8f5401a05e12be0345dca3ea4f8c381deb491c70909d60337b4c

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Sat, 09 Jan 2021 03:27:52 GMT
content-encoding: gzip
age: 0
x-served-by: userdata-a006-ash-prod.krxd.net, cache-hhn4027-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1610162873.665601,VS0,VE102
content-length: 274
x-cache-hits: 0, 0

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 549 B
746 B 218ms
218ms XHR
text/javascript 65.9.68.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3310&u=https%3A%2F%2Fthefly.com%2Fportfolios.php&pid=LXioTejrwS89z&cb=1&ws=1600x1200&v=7.58.01&t=1900&slots=%5B%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22HighViewability%22%7D%5D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 0a91e5d22bcf5a4ca80db867881d4de3bd2c0b36f93d76fbbf9f0f0db8a365e1

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:52 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA56-C1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://thefly.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 372
via: 1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
x-amz-cf-id: prDvKHCyC7odJAQfTsOF_V-k9Eahoy5MqWyx2bQiHGXrS0jqmVZ9pw==

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 4 KB
4 KB 95ms
94ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: ae13e3ee83492d12fc924d32fc67136952a9dfb819bb8ec4d83abbc6a14dc3d9

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thefly.com
date: Sat, 09 Jan 2021 03:27:52 GMT
cache-control: no-cache, no-store, must-revalidate
x-openrtb-version: 2.3
access-control-allow-credentials: true
content-type: application/json

GET
H2 200 arj Show response
investing-channel-d.openx.net/w/1.0/ 188 B
366 B 37ms
36ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://investing-channel-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fthefly.com%2Fportfolios.php&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=f5a3883d-06b2-4210-8e37-c23d202576e0&nocache=1610162872758&us_privacy=1---&aus=728x90%2C970x250&divIds=investingchannel_div_5868437383817944_HV&auid=539046157
Requested by: Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.200.0 /
Resource Hash: efa95c6b8a8e254ecaa5396e8b73727f6432010104bda7b0bc8cc0dfd7da64fa

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jan 2021 03:27:52 GMT
content-encoding: gzip
server: OXGW/16.200.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://thefly.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 174
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST v1
prg.smartadserver.com/prebid/ 0
0

GET
H2 200 hb Show response
ice.360yield.com/ 8 KB
5 KB 135ms
134ms XHR
application/json 18.185.200.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22436350d5f644d75%22%2C%22version%22%3A%227.1.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fthefly.com%2Fportfolios.php%22%2C%22us_privacy%22%3A%221---%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2240f6fcb507314a5%22%2C%22pid%22%3A%2222328722%22%2C%22tid%22%3A%22f5a3883d-06b2-4210-8e37-c23d202576e0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
Requested by: Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.200.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-200-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: cd62cf85481c9068014710214e76550ca08767c82c33a8a1ee1dcfe1fa9544b0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thefly.com
date: Sat, 09 Jan 2021 03:27:52 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 4952
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 33ms
33ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

93e051dbea3bb21a367dff1e636e3fa3746eb156657cdfbd0d15502806f17ab0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 09 Jan 2021 03:27:52 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.58:80
AN-X-Request-Uuid: dcc520a3-5f38-4e75-b55a-189d069f7aa6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thefly.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
336 B 49ms
48ms Image
text/plain 52.48.18.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=txe9jbx58&_kpid=9427dd0d-835c-471c-a5db-ab01ae8a681c&_kcp_s=IC%20RON&_kcp_d=thefly.com&_knifr=9&_kua_kx_tz=-60&geo_country=ch&geo_region=zh&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_uid=vwwr35k4p&_kua_kx_tech_browser=Chrome%2083&_kua_kx_tech_manufacturer=Apple%20Inc.&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Mac%20OS%20X&_kua_kx_geo_country=ch&_kua_kx_geo_region=zh&_kpa_url_path_1=portfolios.php&_kpa_meta_keywords=stock%20market%20news%2C%20financial%20investment%20news%2C%20live%20stock%20market%20news%2C%20live%20stock%20market%20feeds%2C%20stock%20market%20alerts&_kpa_domain=thefly.com&_kpa_viewcount=01&_kpa_rft=di&_kpa_usn=thefly&_kpa_zone=equities&t_navigation_type=0&t_dns=8&t_tcp=14&t_http_request=-1&t_http_response=1&t_content_ready=735&t_window_load=0&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=vwwr35k4p&userdata_user=N352HEmn%2Cvwwr35k4p&sview=1&kplt0=39860&kplt1=40009&kplt2=40566&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F9427dd0d-835c-471c-a5db-ab01ae8a681c%2C106%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fset%2F9427dd0d-835c-471c-a5db-ab01ae8a681c%2C103%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C51%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C130
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.18.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-18-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:52 GMT
cache-control: private, no-cache, no-store
x-request-time: D=47 t=1610162872
x-served-by: beacon-n024-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

POST
H2 201 / Show response
uat5.investingchannel.com/log/report/ 0
445 B 126ms
125ms XHR
text/plain 3.89.172.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://uat5.investingchannel.com/log/report/?gdprapplicable=false&uspstatus=NOT_APPLICABLE
Requested by: Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.172.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-172-80.compute-1.amazonaws.com
Software: Jetty(9.4.12.v20180830) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 09 Jan 2021 03:27:53 GMT
server: Jetty(9.4.12.v20180830)
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://thefly.com
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 200 /
uat5.investingchannel.com/log/report/ Frame 0
0 120ms
120ms Other 3.89.172.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://uat5.investingchannel.com/log/report/?gdprapplicable=false&uspstatus=NOT_APPLICABLE
Protocol: H2
Server: 3.89.172.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-172-80.compute-1.amazonaws.com
Software: Jetty(9.4.12.v20180830) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://thefly.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 09 Jan 2021 03:27:53 GMT
content-length: 0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
access-control-allow-origin: https://thefly.com
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
server: Jetty(9.4.12.v20180830)

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
11 KB 347ms
346ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=269999813441665&correlator=2288529118982642&output=ldjh&impl=fifs&adsid=NT&eid=21068773%2C21069145%2C21069767&vrg=2021010705&gdpr=0&us_privacy=1---&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210109&iu_parts=5206%2Cthefly%2Cequities&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=2x1%7C728x90%7C970x250&prev_scp=dcopt%3Dadhesion%26adslot%3Dd_Adhesion_1%26uat5%3Dtrue%26rnd%3D5868437383817944%26tile%3D16%26pos%3D1%26tl%3Dequities%26kval%3Dequities%26adx_b%3De9%26h%3D3%26arc%3D0%26art%3Do%26fp%3D0%26ivp%3D0%26bs%3D1600x1200%26ap%3D786x1202%26rp%3D786x1202%26kuid%3Dvwwr35k4p%26a9_92%3D1612jgg%26a9_92_id%3DIi6plhlr3U0OWLgcrrkZ6HYAAAF25S-ibwMAAAzuAb7NPVs%26nx_79%3D0%26pm_79%3D0.07%26pm_79_id%3D455206bd3f68d61%26oxb_79%3D0%26pb_79%3D0.1%26pb_v%3Ddgt%26pb_79_id%3D40f6fcb507314a5%26ml_79%3D70%26ml_92%3D80%26xu%3D0%26dnt%3Dfalse%26d%3Dd%26viewCount%3D01%26ord%3De1ad82c4-745a-4923-b112-87395af95c08%26dt%3Dpg%26rft%3Ddi%26usn%3Dthefly%26is_search%3Dfalse%26uc%3Dt%26bsc%3D87010254%2C99000001%2C84132004%2C99012001%2C99012003%2C99012004%2C99012012%2C84131001&eri=1&cookie=ID%3Dab6497ae913109a2-22e713b483b9009a%3AT%3D1610162871%3ART%3D1610162871%3AS%3DALNI_MbWd6CPrS6VzJTsL7O1tjh8t8tP7A&bc=31&abxe=1&lmt=1610162873&dt=1610162873568&dlt=1610162868470&idt=1204&frm=20&biw=1600&bih=1200&oid=3&adxs=785&adys=1201&adks=3324763714&ucis=6&ifi=6&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthefly.com%2Fportfolios.php&vis=1&dmc=8&scr_x=0&scr_y=0&psz=2x-1&msz=2x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8R90nwEtK60ylfz6Po5HHI9cLEKfIlQkDJhVd4M0Etjf2aV3BXU5CWdbCy33lTvyoCoeMvgbN4FdU%2CAGkb-H8OQ2_feIOU-I6eDCrNHhqG2PYXsddw_4G4CEyeYnIHWF2ajGfS9SjmSxjdmym_eaZTULQ9lB-TIY4&ga_vid=1335814065.1610162869&ga_sid=1610162870&ga_hid=1057649367&fws=516&ohw=1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

a7faccb1c224a4bb7805c12f973a419e8b3840a4bf51a1cf34a66a2307c59955

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11449
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://thefly.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
25 B 14ms
13ms Image
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=269999813441665&r=2x1%7C728x90%7C970x250&w=970&h=250&a=0

Requested by

Host: thefly.com
URL: https://thefly.com/portfolios.php

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jan 2021 03:27:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame E065 180 KB
51 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 117201
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Thu, 07 Jan 2021 18:54:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jan 2022 18:54:32 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E065 13 KB
5 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 239901
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 06 Jan 2021 08:49:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jan 2022 08:49:32 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E065 90 KB
27 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 202091
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Wed, 06 Jan 2021 19:19:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jan 2022 19:19:42 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E065 3 KB
1 KB 35ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 202091
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 06 Jan 2021 19:19:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jan 2022 19:19:42 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E065 41 KB
13 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 292279
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Tue, 05 Jan 2021 18:16:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jan 2022 18:16:34 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E065 2 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 23:34:27 GMT
x-content-type-options: nosniff
server: cafe
age: 14006
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 09 Jan 2021 23:34:27 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E065 295 B
389 B 7ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010705.js?21069767

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 20072
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 09 Jan 2021 21:53:21 GMT

GET
DATA 200
OK truncated
/ Frame E065 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d985c71d45e65a349188f72a3ce491f2b5118e4a47ad7d8a7cdcb409025fa7c

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 9938980806239715977
tpc.googlesyndication.com/simgad/ Frame E065 29 KB
29 KB 7ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9938980806239715977?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmuX_FzdfmTTGXGTxXkeYitP1RsuA

Requested by

Host: thefly.com
URL: https://thefly.com/portfolios.php

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90b3597e6f85a0ae3a0c80b4e8a9754f111799b513f24153e8d4905428d986e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 16:17:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 Sep 2018 18:18:48 GMT
server: sffe
age: 126647
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29357
x-xss-protection: 0
expires: Fri, 07 Jan 2022 16:17:06 GMT

GET
H3-Q050

200

B23794173.267051853;dc_pre=CP-Wh5H0je4CFVXluwgdHZYHog;dc_trk_aid=461739501;dc_trk_cid=105894660;ord=1382525692;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/ Frame E065
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23794173.267051853;dc_trk_aid=461739501;dc_trk_cid=105894660;ord=1382525692;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23794173.267051853;dc_pre=CP-Wh5H0je4CFVXluwgdHZYHog;dc_trk_aid=461739501;dc_trk_cid=105894660;ord=1382525692;dc_lat=;dc_rdid=;tag...

42 B
65 B

49ms
45ms

Image
image/gif

172.217.22.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23794173.267051853;dc_pre=CP-Wh5H0je4CFVXluwgdHZYHog;dc_trk_aid=461739501;dc_trk_cid=105894660;ord=1382525692;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: thefly.com
URL: https://thefly.com/portfolios.php

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jan 2021 03:27:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jan 2021 03:27:53 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23794173.267051853;dc_pre=CP-Wh5H0je4CFVXluwgdHZYHog;dc_trk_aid=461739501;dc_trk_cid=105894660;ord=1382525692;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E065 0
0 36ms
35ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CuesOuSL5X-uyJYyR7_UPic2ekAqw-o7zYLi1gYekC6Cz6sXnDxABIK-J4BVg9ZXOgeAEoAHv9Y7bA8gBAuACAKgDAcgDCKoE5QFP0Kb3Vw8abL5MXh5OU3Tm_v-ZMqpVs7Mw4socMELiEC10uiNwzeukFi5oeW-E1vArFs-4mepCqOj5Jrwa9kM9l1p9JmuyrHkLXwIAnys5d-BxhimgxjNZfemPP5e0qSmHMpuE-bVmcKCLJRKZAEzrprcwIlJgYbdKSdGHENn9a35s1CfGrM4Tx4Ddb6gNg2Zrksvf0wgfBW3dsiTmML_PhOqPzE8YU2rz_J2lpDl-pRX4EYvDD05ODnbermmVvarLdQb01Q7s_reo-_ycHO1GCN3j_pPdkigNv5P4z3p6mJYixB4OwASYv6-YogLgBAGSBQQIBBgBkgUECAUYBKAGAoAHnrabKagH1ckbqAfw2RuoB_LZG6gHlJixAqgHpd8bqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEI7UZ9IIBwiAYRABGB3yCBthZHgtc3Vic3luLTMzNTc4OTEyMjc3NjU2ODOACgPICwHYEwyyFxoKGAgBEhRwdWItMTkwOTIzMTI5Mzg1ODQyNQ&sigh=KbLXWGrV1qI&tpd=AGWhJmvtG1iTVZYUCI71MoOxCmWVSZidcYWwZiHMGy_n3RHw-w
Requested by: Host: thefly.com
URL: https://thefly.com/portfolios.php
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f194.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AC65 8 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d54e1a50eb576d20a71b768d51c980ffcaeabc435960c5a2cb65496b4a6fd287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jan 2021 03:27:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6450
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AC65 0
0 84ms
50ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvhmLVTi_mfDFRPi-8hHeNk4GUaMh_RyjWkaCgRUgciLcXkzmW38UfnGyESQ69y5yh5Iy3En-8jCuC0wQYoG-DgsBcA5ytSMBjMtwLHtxlFtL0wiBijiw2VLKDmGBw5zOi84wKkK8ycs2F3djwUAwK25wdGsJr2luHXy8xhxqjrh-2o3pWb-ZBJquw8cHEUsAU0ArhDygFKZpulI8f8owtu6iX5fb0fO-7qbxgbF55QnjaaFoL-BYmK5np2CiU4IMf&sig=Cg0ArKJSzDRitw0Iq4F5EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jan 2021 03:27:54 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Jan 2021 03:27:54 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AC65 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 03:27:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Sat, 09 Jan 2021 03:27:53 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 9722 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thefly.com/portfolios.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://thefly.com/portfolios.php

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Fri, 08 Jan 2021 21:53:32 GMT
expires: Sat, 08 Jan 2022 21:53:32 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 20061
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 9938980806239715977
tpc.googlesyndication.com/simgad/ Frame E065 29 KB
29 KB 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9938980806239715977?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmuX_FzdfmTTGXGTxXkeYitP1RsuA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90b3597e6f85a0ae3a0c80b4e8a9754f111799b513f24153e8d4905428d986e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 16:17:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 Sep 2018 18:18:48 GMT
server: sffe
age: 126648
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29357
x-xss-protection: 0
expires: Fri, 07 Jan 2022 16:17:06 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E065 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 23:34:27 GMT
x-content-type-options: nosniff
server: cafe
age: 14007
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 09 Jan 2021 23:34:27 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E065 295 B
325 B 7ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jan 2021 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 20073
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 09 Jan 2021 21:53:21 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AC65 0
46 B 15ms
14ms Image
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20201203&jk=1911991378653564&bg=!SEulS2vNAAXKjztByliGgewUrkQKhAIAAAB4UgAAABNoAQcKAJar3IU9tMRvvBAbfvpw89YOYUNF6fnZ_vPMXpOs80MEsteFM6gwzrctXFoTDrdh2MolCTjA5-xU0Lt8xWIcw6w_K7Drg8KobfmrR38xUKGthIe_UHIVBTCmDpYKyplPuo22M4APAfy3gpOLvPzRDPd_z60BueTM_qo4Pu9XZFZAni7TIZERMJwBKks-HokPH6bhaw30IWKZAblnYRdfzysUR3Z6UMcTyoz2u8Av-ssXzVQKhtuhCHMlsvUegRCvoHFCpX8cA7eqjW9CXSkqtYiHt2xzy0433BAOs6chOXCxkxM2vK6EqgM3nTA5pStrqMGSTnXnuRVMnBje89nnFY-MGxqNW-e1OH4Za1zCtVBi71QTsyfbcGNoO9wdbQA5TomGIBB06Tj7tM1xPSmAGO9jHRbLPpqK4Fg8b8fz9EmZvjclO1ESoXiusQYvWwyMi5MMq2SXTxrIMAjYU0aTHlm5fAmxYe7hKK-A1JkkMgtTOSUPf3CFQQjueIr0hoeVHnpEuNg2uFNOE6gwlrjzYlFY1DOmSyFR8tPJ_tONMpLcMfLeNwnCExD4YMSQ5JiBsV0jEjUNxZmiIxAdt3qnYWQSu_qOymG2_JQY6iQj24bkzmw1e-QbWZ-G4FYThRFEwdn6oSz43dkmCwddEnNukVzG5lQR3gEAF1bCazhK8QUBa6UW4_cZN0weZjG2XsokxNO7P8XCY3L2LYEF2DYaWuUN9B3L7-HgXxv7PSA4IkalDymxXXCDwpVqHM2tbU6hg0Ssb6yHRMVqnY1_VeEpFya0EHs

Requested by

Host: thefly.com
URL: https://thefly.com/portfolios.php

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jan 2021 03:27:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 201 /
uat5.investingchannel.com/log/report/ 0
445 B 125ms
125ms XHR
text/plain 3.89.172.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://uat5.investingchannel.com/log/report/?gdprapplicable=false&uspstatus=NOT_APPLICABLE
Requested by: Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.172.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-172-80.compute-1.amazonaws.com
Software: Jetty(9.4.12.v20180830) /
Resource Hash

Request headers

Accept: */*
Referer: https://thefly.com/portfolios.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 09 Jan 2021 03:27:54 GMT
server: Jetty(9.4.12.v20180830)
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://thefly.com
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 200 /
uat5.investingchannel.com/log/report/ Frame 0
0 120ms
120ms Other 3.89.172.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://uat5.investingchannel.com/log/report/?gdprapplicable=false&uspstatus=NOT_APPLICABLE
Protocol: H2
Server: 3.89.172.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-172-80.compute-1.amazonaws.com
Software: Jetty(9.4.12.v20180830) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://thefly.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 09 Jan 2021 03:27:54 GMT
content-length: 0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
access-control-allow-origin: https://thefly.com
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
server: Jetty(9.4.12.v20180830)

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET async_usersync.html
acdn.adnxs.com/dmp/ Frame CD34 0
0

GET showad.js
ads.pubmatic.com/AdServer/js/ Frame D4AE 0
0

GET pd
eu-u.openx.net/w/1.0/ Frame 881C 0
0

GET showad.js
ads.pubmatic.com/AdServer/js/ Frame 435B 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.transactionunification.com
URL: https://www.transactionunification.com/tag.js

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=13234

Domain: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Domain: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Domain: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=b8ebf937-0729-479a-9d75-4988d14491af&gdpr=0&us_privacy=1---

Domain: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://thefly.com/js/todosE.js?lastUpdate=202101083423888129(Line 607) Message: dotdotdot: No element found for "#header_new dd".
console-api	log	URL: https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js(Line 41) Message: Initializing model = 0e5c08ae-fecf-41c6-8671-93ae635c67af
console-api	warning	URL: https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js(Line 18) Message: Initialization of backend webgl failed
console-api	warning	URL: https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js(Line 18) Message: Error: WebGL is not supported on this device at new e (https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js:18:287866) at Object.factory (https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js:18:340939) at t.initializeBackend (https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js:18:38038) at t.initializeBackendsAndReturnBest (https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js:18:39477) at t.get [as backend] (https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js:18:36077) at t.makeTensor (https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js:18:43157) at Un (https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js:18:79546) at e.apply (https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js:34:15412) at e.addWeight (https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js:34:36228) at e.build (https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js:34:152793)
console-api	log	URL: https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js(Line 41) Message: Initializing model complete= 0e5c08ae-fecf-41c6-8671-93ae635c67af took = 138
console-api	log	URL: https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js(Line 41) Message: ICPredictiveReadyCallback
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://thefly.com/portfolios.php
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://thefly.com/portfolios.php

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a28a79952cabb3aecc9a846dcb117b70.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.wsod.com
ads.pubmatic.com
adservice.google.ch
adservice.google.com
adservice.google.de
api.rlcdn.com
beacon.krxd.net
c.amazon-adsystem.com
cdn.ampproject.org
cdn.krxd.net
consumer.krxd.net
dggaenaawxe8z.cloudfront.net
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
in.getclicky.com
investing-channel-d.openx.net
loadus.exelator.com
lovelydrum.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
prg.smartadserver.com
securepubads.g.doubleclick.net
static.getclicky.com
stats.g.doubleclick.net
thefly.com
tpc.googlesyndication.com
u5.investingchannel.com
uat5.investingchannel.com
www.content.iclnd.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.transactionunification.com
z.moatads.com
acdn.adnxs.com
ads.pubmatic.com
api.rlcdn.com
eu-u.openx.net
prg.smartadserver.com
www.transactionunification.com
147.75.102.200
151.101.114.133
172.217.16.194
172.217.22.6
173.236.245.161
18.185.200.55
185.64.189.112
198.145.13.14
2.18.235.40
209.234.224.20
216.58.205.226
2606:4700:10::6816:548
2606:4700::6810:a010
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:801::2001
2a00:1450:4001:801::2003
2a00:1450:4001:803::2003
2a00:1450:4001:808::2001
2a00:1450:4001:814::200a
2a00:1450:4001:814::200e
2a00:1450:4001:816::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:81f::2004
2a00:1450:400c:c00::9c
3.89.172.80
34.98.64.218
35.190.91.111
37.252.172.249
52.48.18.249
52.95.116.38
65.9.68.126
65.9.71.7
0305fad1bc8003ec6fac579f9ae05ad7bc877e785b938dd33246f1018256eb90
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a91e5d22bcf5a4ca80db867881d4de3bd2c0b36f93d76fbbf9f0f0db8a365e1
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0da043217416a60756cf5d226f80eb9f24db0c0a20db3a556cb9cf8fc9273990
0df3d84aedf0de8f2397c11fbe562bf1ddd59986e3494c311b3e42c0e4488f6c
0f89190ea49ebbb0325482e376d555016f168ac3666a01db9e7ea475b1c18803
14a215625e8412d70a808b1171b87a7a74c533449aa00193e16425c1692d1454
15d1eed96196a78616c28f3ce96fc081c4a63752ee5992a34bc25697c54dc521
165c1be7386197552c3580bee608f4873a0c6e0082a59b3719e7d5de26da2b0d
207a3625cdb5a72ea75bb3ac030d05406428ba3e4250a6aaaee3525c4a43403b
22f0153cb3229ca4206038916fb1858183b3fe7a00557450205f4f3fafea0f06
2f5ecbbd2965ce36b5b47226f59485bd4fbdf038c460b082a2cdb6dcec01ff4d
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3c29235c7537fb21c1de7b20aec0870b95532cdc39b60a00d45a72c2a7fb2376
4393298c72815a6b2013b3250dbe323fc1ed93e19686564fd4b8467c4580a04f
4524830103b2783567d7278038c21e3bd9e75d1cec6f23b499fb5a431f64e6fa
475626821a590dd7c49a2dc258469975d632757b8698352860b7a17221b6e932
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
49e0a45588654bdf62c81286a336f875b3858a2611b559c95ef3f8d267e1f2ad
4e38dd5d0fd0845a2b9bcd01c18e9c33185cfc3a59c419a72e4133055144dbcd
5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335
519379de5383ce63ddca2b12efb082b9513167a67e5f129f3c35e5abe141e281
5195609afbc1fca03f3200b50d97a90a8eb0e4652108db990a1aa9a1c9f7a0af
53a065daabe4586450ee3cdf842106f6cf207537522b82a45a2b321220812826
58d8d3cfac103489c3d020e035a630104ff0105341d715235413da18b3eee2ff
5ae2289a04d59fc5904d17cc79f1da847c53a5659a21f07e5f4ea3eb74175742
5e84a7fa23c67f2587d494042c196dd11fd2af42cdb0c3099d50ba8b92e8d370
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6476d5263e61ce1751967fd00c36a39ee4a34ff44ce4cdbe76ed8c69de1f5bd8
66e307645ee3fd4c4710f96472f4ef45b43776177cbf4c02800a8370c4a116c2
69b3a7d3971147834282815864af92a54b9fad19ad3c31bf8787cf688c1d6d80
6d985c71d45e65a349188f72a3ce491f2b5118e4a47ad7d8a7cdcb409025fa7c
707e2a77d785636a074054813e3a0e3c1854fc60455c4f6f911317b9da2c87a8
70d04d23d88bef9f3e847a45832b3a4a40c71462820cc78fb29ae85a5c726a11
72fc1696c9c7a6528ae0bdf4448593018612e5985a7d03ed82cdc1bf4d3d9ec6
73ba2c44e72314f1533ec539aa0dd1d25d37baa75c5e0cc8da03026ed838b3b6
751b2c7babc557222134852842d3181e389d4009ccdd0c73517bd98efb8334a2
778d325177d923c0845704654ffff3a5535a1538fc8c88c325f813023d81915a
7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83
7b0e68c2b3d5155cb5549f8c2cc1dbfd85ac0644ad1382ce732b18e4104d58dc
7cd6c76a10fe27d9e6f00a11328b5d233bd90d38c8407a85877a55c8fd2a3530
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9097266b76d883a7d579e4d00b2e17e48b3b3afa0a884563052692364bf90f1f
90b3597e6f85a0ae3a0c80b4e8a9754f111799b513f24153e8d4905428d986e4
915e27ed57a3253e5b06be504aa52344824f3ce054e2d5251565c8b36debf302
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
92f942febe29a19ad8b6bda7c65c75ea6f405ee3fe19e4732dbfb8a5a3f71342
932effc0f5998b31562b7405f76bb0fcab537feeb4d15a9fc919bbbb3c235e9e
9359837f4d2ab522851c14eab424791fec76dce3f31c16658da2e7cb9684a445
9369a9de9d5fb7bba0550025ced0c99796c6418ffc2ab9d01d5d54457e0c3f8e
93e051dbea3bb21a367dff1e636e3fa3746eb156657cdfbd0d15502806f17ab0
973011e1531b51329b0dcc897c4126fe6359f40c1d586ebea477abf0b80439c6
9b38bc62845043237ea3c748d214d8d1646b8d303add77e4796da7f16ee33734
a079b6f2029be09d9b500ba0ef7d10f164b4fb1e3ca266466ee8e845314484d3
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a7faccb1c224a4bb7805c12f973a419e8b3840a4bf51a1cf34a66a2307c59955
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
a87d5a2618a7f45cdee90de310ff578341ccec4871e24bf7b0a528a27d2e940d
ae13e3ee83492d12fc924d32fc67136952a9dfb819bb8ec4d83abbc6a14dc3d9
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af692c6c9e2e76031b5256084c9d83a3adb36d7f1ff6ef830e81053f613bd56c
b1b1c03c5d793e4cc623f6706ce7130ab4d629046b9998ec593790d38ce6bc2e
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b85d9a094de874f837238dbf441f9d32d76e0f26591ecb1288df633e7a9e1cb2
b8d50df734a285f57dc2d6316ea5d8e562af822b10d5dc928341d19d15966057
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
bbd68a2050371d1fecc77bf097f4f32accf4c106db81c52929312469c4d8a01a
bc0c8984bae302e47fbdd8d5aac8cfd94991221f6a05a4e9b3350c91cbd40ba4
bcfe7be7165a63bc569b4f2df05b2096cea9d8c11fa92e26a8ddb043c5087fa2
be3a22329d820e642587d825dc8f21e76edc25c3d28738674652a3a7aec25b25
c01e354196be9c9b8ac673fde3aa5569f36daaaeaef56db8c6080a6b7140d83d
c62ba31d908a6c8feb2342a0f658e1afd2a4df88208733e8871f893da290aec6
c6e173d569c2324c9470c5756f665f552769d12787b3ecb694248452102b5e26
cb9d10d5b3f6cee94c098bf8de2b40c4579c76e5d22a093df7b4ea4915fbcddc
cd62cf85481c9068014710214e76550ca08767c82c33a8a1ee1dcfe1fa9544b0
d3883f68873f90990477e30fd92c238a8427dd44d552b024db13b715dde6a7ba
d54e1a50eb576d20a71b768d51c980ffcaeabc435960c5a2cb65496b4a6fd287
dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883
df57456cc75c2d66b5dbb7f6e5e0db047dc2d900928c3d96d7e8f216e4a9063e
df5e58bf7e82c948a6df30990c5ec998b9aa930529e5f21075964b962c31c9dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
eb3e2b3c82e48fbd3512ab22d5b4f75dea2d93a81da50bbd345523d6e94c0b79
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
eccd35a63a7b80bbfd3a64bb7be75b327bf9292b7c603c8d31c0247962223819
eef83c043d43a01abc7ff72382a56ad10047c6b101d9dc260c2f5095c4d91284
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa95c6b8a8e254ecaa5396e8b73727f6432010104bda7b0bc8cc0dfd7da64fa
f057cc8e7dfee6c9ca776ababf68d1b94481200b05cd6296073f15dd207507ac
f1cc9f5409d9874e01b189708718f2b7b95040032f7e046c64fba300046c6fb0
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f92cdbed9bfa8f5401a05e12be0345dca3ea4f8c381deb491c70909d60337b4c
fb4189e4ba0ba9d8f5692c13fd8781fcb8921b3fcfb82cfbe0a0c678ab758178
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

thefly.com Open in urlscan Pro 2606:4700:10::6816:548 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

156 Requests

92 %HTTPS

41 %IPv6

30 Domains

45 Subdomains

33 IPs

7 Countries

1803 kBTransfer

5701 kBSize

0 Cookies

0 Outgoing links

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

thefly.com Open in urlscan Pro
2606:4700:10::6816:548 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

92 %
HTTPS

41 %
IPv6

30
Domains

45
Subdomains

33
IPs

7
Countries

1803 kB
Transfer

5701 kB
Size

0
Cookies

156 HTTP transactions
5 data transactions