clevelandbanner.com Open in urlscan Pro
65.61.154.7 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://clevelandbanner.com/
Submission: On February 12 via manual (February 12th 2021, 2:30:35 pm UTC) from US

Summary HTTP 206 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 30 IPs in 8 countries across 30 domains to perform 206 HTTP transactions. The main IP is 65.61.154.7, located in San Antonio, United States and belongs to RMH-14, US. The main domain is clevelandbanner.com.

This is the only time clevelandbanner.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 20	65.61.154.7 65.61.154.7	33070 (RMH-14) (RMH-14)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
4	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	93.184.220.41 93.184.220.41	15133 (EDGECAST) (EDGECAST)
1	199.19.89.20 199.19.89.20	54105 (SSM-NET) (SSM-NET)
2 11	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:48f::116	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	65.61.154.201 65.61.154.201	33070 (RMH-14) (RMH-14)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
30	65.61.154.205 65.61.154.205	33070 (RMH-14) (RMH-14)
1	65.52.62.25 65.52.62.25	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
18 18	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
36	51.38.153.33 51.38.153.33	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
36	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
5	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	52.57.110.162 52.57.110.162	16509 (AMAZON-02) (AMAZON-02)
3 3	3.121.66.166 3.121.66.166	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.215.44 35.210.215.44	19527 (GOOGLE-2) (GOOGLE-2)
2 2	52.215.8.160 52.215.8.160	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.133.58 185.29.133.58	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
1	54.72.237.129 54.72.237.129	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
206	30

20 65.61.154.7 (San Antonio, United States) 2 redirects

ASN33070 (RMH-14, US)

clevelandbanner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.220.41 (London, United Kingdom)

ASN15133 (EDGECAST, US)

cloud.webtype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.19.89.20 (Belleville, United States)

ASN54105 (SSM-NET, US)
PTR: 199-19-89-20.secondstreetmedia.com

clevelandbanner.mycapture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.98.64.218 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

pittpostgazette-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:48f::116 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

forecast.weather.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.61.154.201 (San Antonio, United States)

ASN33070 (RMH-14, US)

cdn3.creativecirclemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 65.61.154.205 (San Antonio, United States)

ASN33070 (RMH-14, US)

cdbbanners.creativecirclemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.52.62.25 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pls.webtype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 67.199.248.11 (United States) 18 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 51.38.153.33 (France)

ASN16276 (OVH, FR)
PTR: ip33.ip-51-38-153.eu

myvilight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1d88ee981152b4f856f046052194ba86.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

evzhzppj5kel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.110.162 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-110-162.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.121.66.166 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-66-166.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.215.44 (Mountain View, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 44.215.210.35.bc.googleusercontent.com

ads.programattik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.8.160 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-8-160.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.133.58 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.238 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.237.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-237-129.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	evzhzppj5kel.com evzhzppj5kel.com
36	myvilight.com myvilight.com	36 KB
33	creativecirclemedia.com cdn3.creativecirclemedia.com cdbbanners.creativecirclemedia.com	1 MB
22	google-analytics.com www.google-analytics.com	350 KB
20	clevelandbanner.com 2 redirects clevelandbanner.com	322 KB
18	bit.ly 18 redirects bit.ly	6 KB
14	googlesyndication.com 1d88ee981152b4f856f046052194ba86.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	76 KB
11	openx.net 2 redirects pittpostgazette-d.openx.net eu-u.openx.net us-u.openx.net	63 KB
5	ampproject.org cdn.ampproject.org	97 KB
5	doubleclick.net 1 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net	115 KB
5	gstatic.com fonts.gstatic.com	58 KB
5	googleapis.com ajax.googleapis.com fonts.googleapis.com	37 KB
4	googletagmanager.com www.googletagmanager.com	167 KB
4	bootstrapcdn.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com	95 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
2	adform.net 2 redirects c1.adform.net	638 B
2	bidr.io 2 redirects match.prod.bidr.io	999 B
2	programattik.com 2 redirects ads.programattik.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	facebook.net connect.facebook.net	62 KB
2	webtype.com cloud.webtype.com pls.webtype.com	2 KB
1	adsrvr.org match.adsrvr.org	265 B
1	quantserve.com 1 redirects pixel.quantserve.com	498 B
1	mathtag.com 1 redirects sync.mathtag.com	599 B
1	yahoo.com pr-bh.ybp.yahoo.com	836 B
1	google.com adservice.google.com	317 B
1	google.de adservice.google.de	317 B
1	googletagservices.com www.googletagservices.com	20 KB
1	weather.gov forecast.weather.gov	5 KB
1	mycapture.com clevelandbanner.mycapture.com
206	30

	Domain	Requested by
36	evzhzppj5kel.com	myvilight.com
36	myvilight.com	cdbbanners.creativecirclemedia.com myvilight.com
30	cdbbanners.creativecirclemedia.com	clevelandbanner.com cdbbanners.creativecirclemedia.com
22	www.google-analytics.com	www.googletagmanager.com myvilight.com www.google-analytics.com
20	clevelandbanner.com	2 redirects clevelandbanner.com
18	bit.ly	18 redirects
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net clevelandbanner.com cdn.ampproject.org tpc.googlesyndication.com
5	eu-u.openx.net	1 redirects pittpostgazette-d.openx.net eu-u.openx.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
4	us-u.openx.net	eu-u.openx.net
4	pagead2.googlesyndication.com	clevelandbanner.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	www.googletagmanager.com	clevelandbanner.com
4	fonts.googleapis.com	clevelandbanner.com securepubads.g.doubleclick.net
3	x.bidswitch.net	3 redirects
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net clevelandbanner.com
3	cdn3.creativecirclemedia.com	clevelandbanner.com
2	cm.g.doubleclick.net	1 redirects eu-u.openx.net
2	c1.adform.net	2 redirects
2	match.prod.bidr.io	2 redirects
2	ads.programattik.com	2 redirects
2	pm.w55c.net	2 redirects
2	connect.facebook.net	clevelandbanner.com connect.facebook.net
2	pittpostgazette-d.openx.net	1 redirects clevelandbanner.com
2	maxcdn.bootstrapcdn.com	clevelandbanner.com maxcdn.bootstrapcdn.com
2	netdna.bootstrapcdn.com	clevelandbanner.com
1	match.adsrvr.org	eu-u.openx.net
1	pixel.quantserve.com	1 redirects
1	sync.mathtag.com	1 redirects
1	pr-bh.ybp.yahoo.com	eu-u.openx.net
1	1d88ee981152b4f856f046052194ba86.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.googletagservices.com	cdbbanners.creativecirclemedia.com
1	pls.webtype.com	cloud.webtype.com
1	forecast.weather.gov	clevelandbanner.com
1	clevelandbanner.mycapture.com	clevelandbanner.com
1	cloud.webtype.com	clevelandbanner.com
1	ajax.googleapis.com	clevelandbanner.com
206	39

This site contains links to these domains. Also see Links.

Domain
www.wunderground.com
racing.ap.org
collegebasketball.ap.org
collegefootball.ap.org
pro32.ap.org
tnpublicnotice.com
cleveland.creativecirclemedia.com
cdbbanners.creativecirclemedia.com
hosted.ap.org
www.creativecirclemedia.com

Subject Issuer	Validity	Valid
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
weather.gov DigiCert SHA2 Secure Server CA	`2020-09-18` - `2021-10-18`	a year	crt.sh
creativecirclemedia.com R3	`2020-12-11` - `2021-03-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
myvilight.com R3	`2021-01-28` - `2021-04-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
evzhzppj5kel.com R3	`2020-12-14` - `2021-03-14`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh

This page contains 22 frames:

Primary Page: http://clevelandbanner.com/
Frame ID: 474DE5F1367B982CF74D683719E59340
Requests: 87 HTTP requests in this frame

Frame: https://myvilight.com/adsbanner.html
Frame ID: 23BAD832B735DC71222AA71DDE0D272C
Requests: 5 HTTP requests in this frame

Frame: https://myvilight.com/adsbanner.html
Frame ID: AEC3ED408E11D02BBE2AE24D1F9AAB54
Requests: 5 HTTP requests in this frame

Frame: https://myvilight.com/adsbanner.html
Frame ID: 14E16A5492892370663E37401CD2CEEA
Requests: 5 HTTP requests in this frame

Frame: https://myvilight.com/adsbanner.html
Frame ID: B168A4D1B2DA63B3E3B5DC72E8872616
Requests: 5 HTTP requests in this frame

Frame: https://myvilight.com/adsbanner.html
Frame ID: 265DB76CA79D61F55EB0A9763468241E
Requests: 5 HTTP requests in this frame

Frame: https://myvilight.com/adsbanner.html
Frame ID: 1F42E7754DA8873C85AE764D266C4302
Requests: 5 HTTP requests in this frame

Frame: https://myvilight.com/adsbanner.html
Frame ID: 8077AF10A1A9A63A3B6CB4313EEE12E5
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs
Frame ID: E75D7C243A09E32AC33DAB0AC8A8227B
Requests: 18 HTTP requests in this frame

Frame: https://myvilight.com/adsbanner.html
Frame ID: F98E944753CAEEC15A927728ED81BEEA
Requests: 5 HTTP requests in this frame

Frame: https://myvilight.com/adsbanner.html
Frame ID: C9B1695BC527A87B68586A6D6B83F56D
Requests: 5 HTTP requests in this frame

Frame: https://myvilight.com/adsbanner.html
Frame ID: 2DBA7482A07117F516DBFC6C923FE753
Requests: 5 HTTP requests in this frame

Frame: https://myvilight.com/adsbanner.html
Frame ID: 6B5EC1E22249D72199A0A34D0FEF94BF
Requests: 5 HTTP requests in this frame

Frame: https://myvilight.com/adsbanner.html
Frame ID: D766774C18468F47BC12C936249DB5EB
Requests: 5 HTTP requests in this frame

Frame: https://myvilight.com/adsbanner.html
Frame ID: CB2EF38E7F7D5B482CDF60C8AC24DD85
Requests: 5 HTTP requests in this frame

Frame: https://myvilight.com/adsbanner.html
Frame ID: DB9442B6B692AAF8393E03637EDAF8D0
Requests: 5 HTTP requests in this frame

Frame: https://myvilight.com/adsbanner.html
Frame ID: 1300AFA103A1012954AB5B7EF955481D
Requests: 5 HTTP requests in this frame

Frame: https://myvilight.com/adsbanner.html
Frame ID: AB36B6686A9F8A2C0D89DD70AD4BBF5A
Requests: 5 HTTP requests in this frame

Frame: https://myvilight.com/adsbanner.html
Frame ID: C60E4F4B64194562330AFF454E832E58
Requests: 5 HTTP requests in this frame

Frame: https://myvilight.com/adsbanner.html
Frame ID: 02FE507D79D4ACA98D1C8D87F1F6643B
Requests: 5 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
Frame ID: CF28A3F53518717764D6136ABAF68DFF
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 8E98BF5E48E1209BA0FDAFC0B6F647D6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

206
Requests

84 %
HTTPS

49 %
IPv6

30
Domains

39
Subdomains

30
IPs

8
Countries

3003 kB
Transfer

4857 kB
Size

7
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wunderground.com/weather/us/tn/cleveland
Title: Full forecast

Search URL Search Domain Scan URL

URL: http://racing.ap.org/clevelandbanner
Title: Auto racing

Search URL Search Domain Scan URL

URL: http://collegebasketball.ap.org/clevelandbanner
Title: NCAA basketball

Search URL Search Domain Scan URL

URL: http://collegefootball.ap.org/clevelandbanner
Title: College football

Search URL Search Domain Scan URL

URL: http://pro32.ap.org/clevelandbanner
Title: Pro football

Search URL Search Domain Scan URL

URL: http://tnpublicnotice.com/
Title: Statewide public notices

Search URL Search Domain Scan URL

URL: https://cleveland.creativecirclemedia.com/subscribe/
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ck.php?oaparams=2__bannerid=129__zoneid=17__cb=3e1c66fbce__oadest=https%3A%2F%2Fbowaterecu.org%2Fconsolidate-your-debt-own-your-financial-future%2F

Search URL Search Domain Scan URL

URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ck.php?oaparams=2__bannerid=132__zoneid=2__cb=695deeff63__oadest=https%3A%2F%2Fwww.centurypa.com%2Fsenior-living%2Fgarden-plaza-cleveland%2F

Search URL Search Domain Scan URL

URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ck.php?oaparams=2__bannerid=15__zoneid=2__cb=7d23cc3250__oadest=http%3A%2F%2Fwww.companionfunerals.com

Search URL Search Domain Scan URL

URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ck.php?oaparams=2__bannerid=145__zoneid=2__cb=d1d691c599__oadest=http%3A%2F%2Fwww.wolfendenrx.com

Search URL Search Domain Scan URL

URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ck.php?oaparams=2__bannerid=64__zoneid=2__cb=deed75255c__oadest=http%3A%2F%2Fshoplocal.clevelandbanner.com%2F

Search URL Search Domain Scan URL

URL: https://hosted.ap.org/clevelandbanner/article/d40937ddbc2541ffdedeac04110e3cec/fake-german-heiress-released-prison-fraud-case
Title: Fake German heiress released from prison in fraud case

Search URL Search Domain Scan URL

URL: https://hosted.ap.org/clevelandbanner/article/7da7eb251c3e2e26f67f673769266823/chinese-tv-features-blackface-performers-new-years-gala
Title: Chinese TV features blackface performers in New Year's gala

Search URL Search Domain Scan URL

URL: https://hosted.ap.org/clevelandbanner/article/e2e7f3864a331aaf8372b811357d48a0/tokyo-olympics-mori-leave-gender-issue-remains
Title: Mori is gone but gender issues remain for Tokyo Olympics

Search URL Search Domain Scan URL

URL: https://hosted.ap.org/clevelandbanner/article/c8493c24dabe7609de8fec8716460737/amazon-faces-biggest-union-push-its-history
Title: Amazon faces biggest union push in its history

Search URL Search Domain Scan URL

URL: https://hosted.ap.org/clevelandbanner/article/4db56f0be76514afdc2be45cb914d805/court-nigerian-farmers-can-sue-shell-uk-over-pollution
Title: Court: Nigerian farmers can sue Shell in UK over pollution

Search URL Search Domain Scan URL

URL: https://hosted.ap.org/clevelandbanner/article/55763fff6f35a98eae9084fa5e1af985/fedex-gives-1m-tennessee-state-student-assistance
Title: FedEx gives $1M to Tennessee State for student assistance

Search URL Search Domain Scan URL

URL: https://hosted.ap.org/clevelandbanner/article/ad243d13c7a71754de7d2ba229624dfa/tennessee-pharmacies-receive-shots-under-federal-program
Title: Tennessee pharmacies to receive shots under federal program

Search URL Search Domain Scan URL

URL: https://hosted.ap.org/clevelandbanner/article/435da24a42ce38206d46ab3d527bbae4/bill-banning-trans-athletes-girls-sports-advances-utah
Title: Bill banning trans athletes in girls sports advances in Utah

Search URL Search Domain Scan URL

URL: https://hosted.ap.org/clevelandbanner/article/87f579e71157567d2be476cc5f69caf2/winter-weather-causes-slick-roads-power-outages
Title: 6 killed in 130-vehicle pileup on icy Texas interstate

Search URL Search Domain Scan URL

URL: https://hosted.ap.org/clevelandbanner/article/72ed8d1e8e0ae65de923c40484637aac/federal-utility-gives-raise-ceo-trump-had-criticized
Title: Federal utility gives raise to CEO that Trump had criticized

Search URL Search Domain Scan URL

URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ck.php?oaparams=2__bannerid=102__zoneid=4__cb=398da12e2b__oadest=https%3A%2F%2Fonline.publicationprinters.com%2Fhtml5%2Freader%2Fproduction%2Fdefault.aspx%3Fpubname%3D%26edid%3D22beed7d-d5c4-40bb-99c4-095d7dcf0f6c

Search URL Search Domain Scan URL

URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ck.php?oaparams=2__bannerid=53__zoneid=2__cb=1b914d4d7f__oadest=http%3A%2F%2Fwww.loganthompsonlaw.com

Search URL Search Domain Scan URL

URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ck.php?oaparams=2__bannerid=167__zoneid=2__cb=42157fea07__oadest=http%3A%2F%2Fwww.ralphbuckner.com

Search URL Search Domain Scan URL

URL: http://www.creativecirclemedia.com/
Title: Creative Circle Media Solutions

Search URL Search Domain Scan URL

URL: https://cleveland.creativecirclemedia.com/subscribe/?referer=clevelandbanner.com/

Search URL Search Domain Scan URL

URL: https://cleveland.creativecirclemedia.com/register/?referer=clevelandbanner.com/
Title: HERE

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

http://pittpostgazette-d.openx.net/w/1.0/jstag?nc=6785150-BENN HTTP 301
https://pittpostgazette-d.openx.net/w/1.0/jstag?nc=6785150-BENN

Request Chain 15

http://forecast.weather.gov/images/wtf/small/ovc.png HTTP 307
https://forecast.weather.gov/images/wtf/small/ovc.png

Request Chain 21

http://clevelandbanner.com/uploads/medium/20210210-102325-20210210-102314-CDB2-10-21.pdf.jpg HTTP 301
https://cdn3.creativecirclemedia.com/cleveland/medium/20210210-102325-20210210-102314-CDB2-10-21.pdf.jpg

Request Chain 31

http://connect.facebook.net/en_US/sdk.js HTTP 307
https://connect.facebook.net/en_US/sdk.js

Request Chain 37

http://bit.ly/2RToJrZ HTTP 301
https://myvilight.com/adsbanner.html

Request Chain 38

http://bit.ly/2RToJrZ HTTP 301
https://myvilight.com/adsbanner.html

Request Chain 39

http://bit.ly/2RToJrZ HTTP 301
https://myvilight.com/adsbanner.html

Request Chain 49

http://clevelandbanner.com/uploads/large/20210211-141522-phpydAz8t.png.jpg HTTP 301
https://cdn3.creativecirclemedia.com/cleveland/large/20210211-141522-phpydAz8t.png.jpg

Request Chain 59

http://bit.ly/2RToJrZ HTTP 301
https://myvilight.com/adsbanner.html

Request Chain 60

http://bit.ly/2RToJrZ HTTP 301
https://myvilight.com/adsbanner.html

Request Chain 61

http://bit.ly/2RToJrZ HTTP 301
https://myvilight.com/adsbanner.html

Request Chain 74

http://bit.ly/2RToJrZ HTTP 301
https://myvilight.com/adsbanner.html

Request Chain 106

http://bit.ly/2RToJrZ HTTP 301
https://myvilight.com/adsbanner.html

Request Chain 112

http://bit.ly/2RToJrZ HTTP 301
https://myvilight.com/adsbanner.html

Request Chain 123

http://bit.ly/2RToJrZ HTTP 301
https://myvilight.com/adsbanner.html

Request Chain 128

http://bit.ly/2RToJrZ HTTP 301
https://myvilight.com/adsbanner.html

Request Chain 137

http://bit.ly/2RToJrZ HTTP 301
https://myvilight.com/adsbanner.html

Request Chain 138

http://bit.ly/2RToJrZ HTTP 301
https://myvilight.com/adsbanner.html

Request Chain 149

http://bit.ly/2RToJrZ HTTP 301
https://myvilight.com/adsbanner.html

Request Chain 156

http://bit.ly/2RToJrZ HTTP 301
https://myvilight.com/adsbanner.html

Request Chain 165

http://bit.ly/2RToJrZ HTTP 301
https://myvilight.com/adsbanner.html

Request Chain 166

http://bit.ly/2RToJrZ HTTP 301
https://myvilight.com/adsbanner.html

Request Chain 167

http://bit.ly/2RToJrZ HTTP 301
https://myvilight.com/adsbanner.html

Request Chain 169

http://www.googletagmanager.com/gtag/js?id=UA-10334581-3&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=UA-10334581-3&l=dataLayer&cx=c

Request Chain 170

http://www.googletagmanager.com/gtag/js?id=UA-100898595-36&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=UA-100898595-36&l=dataLayer&cx=c

Request Chain 191

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77

Request Chain 194

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=hQPKeFGs1LazsA5

Request Chain 195

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=3c73082c-3760-4bd9-87d1-3bfa9067d3b9&ssp=openx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=6460e3c3-ac4a-41c1-a626-e1b71dbb8715

Request Chain 196

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAHrrk7ATSIAABAw5bJB7g

Request Chain 197

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2e2e6026-90f7-4b00-b9ce-34fecb95d3c2

Request Chain 198

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=_031XPBNoVLkSaJSrR7qU_8cpFzkT_9S-xmG5RYQ

Request Chain 199

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=673686563918492071

Request Chain 202

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMkgbkMNOpTfSOntCEodxb8&google_cver=1

206 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
clevelandbanner.com/ 51 KB
10 KB 347ms
240ms Document
text/html 65.61.154.7
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Server: 65.61.154.7 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: 76d672e05f0854834106c02d46707ef9b3b5798c97574ca113a65bb37ca0d1a0

Request headers

Host: clevelandbanner.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:28:53 GMT
Cache-Control: public, max-age=600
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 10085
Content-Type: text/html; charset=UTF-8
Expires: Fri, 12 Feb 2021 14:38:55 GMT
Age: 77
Via: Communityq/3.0
Accept-Ranges: bytes
Connection: keep-alive

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 13ms
6ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: clevelandbanner.com
URL: http://clevelandbanner.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 13:33:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3395
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 33576
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sat, 12 Feb 2022 13:33:38 GMT

GET
H/1.1 200
OK bootstrap.min.css
netdna.bootstrapcdn.com/bootstrap/3.1.1/css/ 98 KB
17 KB 15ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

http://netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css

Requested by

Host: clevelandbanner.com
URL: http://clevelandbanner.com/

Protocol

HTTP/1.1

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 12 Dec 2018 18:34:06 GMT
ETag: "1544639646"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 17160

GET
H/1.1 200
OK css
fonts.googleapis.com/ 1 KB
1009 B 20ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=PT+Sans:700

Requested by

Host: clevelandbanner.com
URL: http://clevelandbanner.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0be9ad9c48a6a11fe00f2154eb1d9b9974e2bcf1135060cce8f749872d24d65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 12 Feb 2021 14:30:13 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Fri, 12 Feb 2021 14:30:13 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 1 KB
1 KB 21ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=PT+Sans+Narrow:700

Requested by

Host: clevelandbanner.com
URL: http://clevelandbanner.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5ec908bb612f86db2cbd15f581d07998570de851e08df342bbd6bb120305f1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 12 Feb 2021 14:30:13 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Fri, 12 Feb 2021 14:30:13 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 1 KB
1005 B 21ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=PT+Serif

Requested by

Host: clevelandbanner.com
URL: http://clevelandbanner.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

807139fb6f5e64f8d0328cef877c6a0af012114e7df75b09ccd285e6ac89448a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 12 Feb 2021 14:30:13 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Fri, 12 Feb 2021 14:30:13 GMT

GET
H/1.1 200
OK font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ 21 KB
5 KB 14ms
7ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Requested by

Host: clevelandbanner.com
URL: http://clevelandbanner.com/

Protocol

HTTP/1.1

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 12 Dec 2018 18:35:19 GMT
ETag: "1544639719"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 5041

GET
H/1.1 200
OK 603e1304-126c-46a2-9438-c93d1d37e643.css
cloud.webtype.com/css/ 575 B
815 B 49ms
39ms Stylesheet
text/css 93.184.220.41
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://cloud.webtype.com/css/603e1304-126c-46a2-9438-c93d1d37e643.css
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Server: 93.184.220.41 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6F87) /
Resource Hash: 01fdcffdb961afd174ae4d554634b79d2cd49c48b887931d50360395cb9eea50

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Jan 2018 08:43:12 GMT
Server: ECS (pab/6F87)
Age: 331247
Etag: "744892103"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 426
Expires: Fri, 19 Feb 2021 14:30:13 GMT

GET
H/1.1 200
OK cq_base_beta.css
clevelandbanner.com/css_system/ 9 KB
3 KB 124ms
123ms Stylesheet
text/css 65.61.154.7
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: http://clevelandbanner.com/css_system/cq_base_beta.css
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Server: 65.61.154.7 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: 9445d8c51bf4e3af85cd8cd74df62ceb5db784fe8b2b4fdf72f2bdf92cf1312f

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:28:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Jun 2020 18:27:06 GMT
Age: 95
ETag: "2298-5a837b0ce1ace-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 2130
Via: Communityq/3.0
Expires: Fri, 12 Feb 2021 14:30:38 GMT

GET
H/1.1 200
OK global.css
clevelandbanner.com/css/ 21 KB
5 KB 250ms
243ms Stylesheet
text/css 65.61.154.7
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: http://clevelandbanner.com/css/global.css
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Server: 65.61.154.7 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: 992cd2739bcbf052e85110230436ef33fcfb0350971aea86a750aed761fd8b54

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:28:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Aug 2020 19:29:07 GMT
Age: 95
ETag: "54af-5ac1244d7e5e7-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 4413
Via: Communityq/3.0
Expires: Fri, 12 Feb 2021 14:30:38 GMT

GET
H/1.1 404
Not Found remote-1.2.asp
clevelandbanner.mycapture.com/mycapture/scripts/ 0
0 266ms
234ms Script
text/html 199.19.89.20
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://clevelandbanner.mycapture.com/mycapture/scripts/remote-1.2.asp
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Server: 199.19.89.20 Belleville, United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-20.secondstreetmedia.com
Software: /
Resource Hash

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK pwNotices.min.js Show response
clevelandbanner.com/js/ 2 KB
1 KB 247ms
240ms Script
application/javascript 65.61.154.7
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: http://clevelandbanner.com/js/pwNotices.min.js
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Server: 65.61.154.7 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: 8ef9484c7cd583164801fede431f39955d45e80ea8f75f7eef41512436033eac

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:28:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 31 Jan 2020 15:27:17 GMT
Age: 95
ETag: "7ba-59d713573545c-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 796
Via: Communityq/3.0
Expires: Fri, 12 Feb 2021 14:30:38 GMT

GET
H/1.1 200
OK pwNotices.css
clevelandbanner.com/css/ 2 KB
1 KB 249ms
242ms Stylesheet
text/css 65.61.154.7
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: http://clevelandbanner.com/css/pwNotices.css
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Server: 65.61.154.7 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: 36a16ffb5a2364abc45e9985922cc90eb2c88eaba8ff04d787aac6d159f753b8

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:28:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 31 Jan 2020 15:27:16 GMT
Age: 95
ETag: "64f-59d71356cebb5-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 615
Via: Communityq/3.0
Expires: Fri, 12 Feb 2021 14:30:38 GMT

GET
H2

200

jstag Show response
pittpostgazette-d.openx.net/w/1.0/
Redirect Chain

http://pittpostgazette-d.openx.net/w/1.0/jstag?nc=6785150-BENN
https://pittpostgazette-d.openx.net/w/1.0/jstag?nc=6785150-BENN

190 KB
61 KB

50ms
35ms

Script
text/javascript

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pittpostgazette-d.openx.net/w/1.0/jstag?nc=6785150-BENN
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: b5d7addc966a1581a3048484390572ae377fed3818dba228fbf9a56e79fc207f

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:30:13 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 61748
expires: Fri, 12 Feb 2021 15:30:13 GMT

Redirect headers

Location: https://pittpostgazette-d.openx.net/w/1.0/jstag?nc=6785150-BENN
Date: Fri, 12 Feb 2021 14:30:13 GMT
Via: 1.1 google
Server: OXGW/16.202.0
Content-Length: 0

GET
H/1.1 200
OK cqLazyImages.js Show response
clevelandbanner.com/js_system/misc/ 672 B
890 B 254ms
248ms Script
application/javascript 65.61.154.7
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: http://clevelandbanner.com/js_system/misc/cqLazyImages.js
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Server: 65.61.154.7 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: 4cc79d37628533db9f01078ed792a51deb0444806039aeeec84a2e4d0bf8ba2e

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:28:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Mar 2020 14:31:00 GMT
Age: 95
ETag: "2a0-59ff42717fc8e-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 331
Via: Communityq/3.0
Expires: Fri, 12 Feb 2021 14:30:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 136 KB
52 KB 32ms
28ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YX9ZNSCVQ5

Requested by

Host: clevelandbanner.com
URL: http://clevelandbanner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05b783092d6204f8fbf9a475cfe42b7f9a74646179c09ef0fc10816c4b3fc2b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:30:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53277
x-xss-protection: 0
expires: Fri, 12 Feb 2021 14:30:13 GMT

GET
H2

200

ovc.png
forecast.weather.gov/images/wtf/small/
Redirect Chain

http://forecast.weather.gov/images/wtf/small/ovc.png
https://forecast.weather.gov/images/wtf/small/ovc.png

5 KB
5 KB

35ms
9ms

Image
image/png

2a02:26f0:7100:48f::116
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forecast.weather.gov/images/wtf/small/ovc.png

Requested by

Host: clevelandbanner.com
URL: http://clevelandbanner.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:48f::116 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

271c04de06321f9ee9d97594625a878fdbb70f5743677ddacf5e26fbe407d69b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:30:13 GMT
x-ua-compatible: IE=Edge
last-modified: Mon, 01 Feb 2021 20:13:37 GMT
server: Apache
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=81687
x-nids-serverid: www7.mo
accept-ranges: bytes
content-length: 4902
expires: Sat, 13 Feb 2021 13:11:40 GMT

Redirect headers

Location: https://forecast.weather.gov/images/wtf/small/ovc.png
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK cdb-nameplate.png
clevelandbanner.com/images/ 28 KB
29 KB 133ms
129ms Image
image/png 65.61.154.7
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clevelandbanner.com/images/cdb-nameplate.png
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Server: 65.61.154.7 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: 177cec70eaaf081fe396cbc701e70d8b4877ca9c11b9a27d0326b570788c3e91

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:29:22 GMT
Via: Communityq/3.0
Last-Modified: Fri, 31 Jan 2020 15:27:17 GMT
Age: 50
ETag: "706a-59d713573063b"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 28778
Expires: Fri, 12 Feb 2021 14:31:22 GMT

GET
H/1.1 200
OK pancakes.js Show response
clevelandbanner.com/js_system/ 4 KB
2 KB 129ms
129ms Script
application/javascript 65.61.154.7
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: http://clevelandbanner.com/js_system/pancakes.js?cb=1613140135
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Server: 65.61.154.7 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: b1b9f8e1c80a3b405336eb694d102d3872f5cf779716fda8f966940e3e18715a

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:29:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Oct 2020 18:50:08 GMT
Age: 37
ETag: "fd5-5b12d4d10e544-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 1410
Via: Communityq/3.0
Expires: Fri, 12 Feb 2021 14:31:36 GMT

GET
H/1.1 200
OK pancakes.css
clevelandbanner.com/css_system/ 47 KB
8 KB 125ms
124ms Stylesheet
text/css 65.61.154.7
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: http://clevelandbanner.com/css_system/pancakes.css
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Server: 65.61.154.7 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: 9b73d9fed70a072620c4f95d4177c84cafa09956a3b2ac905707e0f2c126f0cf

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:29:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Feb 2021 15:37:52 GMT
Age: 14
ETag: "bb7d-5ba989a775a7e-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 7272
Via: Communityq/3.0
Expires: Fri, 12 Feb 2021 14:31:59 GMT

GET
H/1.1 200
OK search.png
clevelandbanner.com/images/ 3 KB
4 KB 260ms
247ms Image
image/png 65.61.154.7
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clevelandbanner.com/images/search.png
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Server: 65.61.154.7 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: 0105169eaa1ee42fe8e8f602c50dbf7fb39ad1101cadb6b9de8c935dad5c8c18

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:29:22 GMT
Via: Communityq/3.0
Last-Modified: Fri, 31 Jan 2020 15:27:17 GMT
Age: 51
ETag: "c58-59d71357315db"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 3160
Expires: Fri, 12 Feb 2021 14:31:22 GMT

GET
H/1.1 200
OK 20180501-111940-You%20could%20win.jpg
cdn3.creativecirclemedia.com/cleveland/original/ 72 KB
73 KB 641ms
240ms Image
image/jpeg 65.61.154.201
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.creativecirclemedia.com/cleveland/original/20180501-111940-You%20could%20win.jpg
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.201 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 8882dff51d6502a930da2bd18ee29bb20ae2aa885645f17279d08a76c974dc54

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:28:29 GMT
Via: 1.1 varnish (Varnish/5.2)
Last-Modified: Tue, 01 May 2018 15:19:40 GMT
Server: Apache/2.4.29 (Ubuntu)
Age: 104
ETag: "120ef-56b267fd2ab31"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Varnish: 162016515 161955082
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 73967

GET
H/1.1

200
OK

20210210-102325-20210210-102314-CDB2-10-21.pdf.jpg
cdn3.creativecirclemedia.com/cleveland/medium/
Redirect Chain

http://clevelandbanner.com/uploads/medium/20210210-102325-20210210-102314-CDB2-10-21.pdf.jpg
https://cdn3.creativecirclemedia.com/cleveland/medium/20210210-102325-20210210-102314-CDB2-10-21.pdf.jpg

124 KB
125 KB

616ms
242ms

Image
image/jpeg

65.61.154.201
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.creativecirclemedia.com/cleveland/medium/20210210-102325-20210210-102314-CDB2-10-21.pdf.jpg
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.201 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 47c026dd7dd8838eed14aa9a32224e0e2c073e692e09041e01bc3f8e7d82be21

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:14 GMT
Last-Modified: Wed, 10 Feb 2021 15:23:25 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1f1d8-5bafcfbf7d735"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Content-Length: 127448

Redirect headers

Date: Fri, 12 Feb 2021 14:29:22 GMT
Via: Communityq/3.0
Age: 51
Content-Type: text/html; charset=iso-8859-1
Location: https://cdn3.creativecirclemedia.com/cleveland/medium/20210210-102325-20210210-102314-CDB2-10-21.pdf.jpg
Connection: keep-alive
Content-Length: 312
Expires: Fri, 12 Feb 2021 14:31:22 GMT

GET
H/1.1 200
OK state-notices.png
clevelandbanner.com/images/ 13 KB
13 KB 125ms
124ms Image
image/png 65.61.154.7
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clevelandbanner.com/images/state-notices.png
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Server: 65.61.154.7 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: 725878135dca85f052c5f07a8b36ff56eda9cc82bfdc812c6c413f8fdc29142b

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:28:38 GMT
Via: Communityq/3.0
Last-Modified: Fri, 31 Jan 2020 15:27:17 GMT
Age: 95
ETag: "335b-59d713573257b"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 13147
Expires: Fri, 12 Feb 2021 14:30:38 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
netdna.bootstrapcdn.com/bootstrap/3.1.1/js/ 28 KB
8 KB 10ms
6ms Script
text/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

http://netdna.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js

Requested by

Host: clevelandbanner.com
URL: http://clevelandbanner.com/

Protocol

HTTP/1.1

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 12 Dec 2018 18:33:51 GMT
ETag: "1544639631"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 7679

GET
H/1.1 200
OK fblikes.js Show response
clevelandbanner.com/js_system/fblikes/ 1 KB
1 KB 134ms
130ms Script
application/javascript 65.61.154.7
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: http://clevelandbanner.com/js_system/fblikes/fblikes.js
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Server: 65.61.154.7 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: cfe99241592c5ca86a6f192758cbb954016867517ada1618ac0acf0e97caa60e

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:29:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Mar 2020 14:31:00 GMT
Age: 51
ETag: "498-59ff42717ecee-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 559
Via: Communityq/3.0
Expires: Fri, 12 Feb 2021 14:31:22 GMT

GET
H/1.1 200
OK cq-sendcount.js Show response
clevelandbanner.com/js_system/cq-sendcount/ 510 B
863 B 133ms
129ms Script
application/javascript 65.61.154.7
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: http://clevelandbanner.com/js_system/cq-sendcount/cq-sendcount.js
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Server: 65.61.154.7 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: 5b4aace3b031822fa0ad5e96680d791ed330ed6f5a1a8ef70f1a4cd177ddc4e3

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:29:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Mar 2020 14:31:00 GMT
Age: 51
ETag: "1fe-59ff42717ecee-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 304
Via: Communityq/3.0
Expires: Fri, 12 Feb 2021 14:31:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-100898595-36

Requested by

Host: clevelandbanner.com
URL: http://clevelandbanner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

475795c0646dad562e6217fe9051734dd8fc4c515a6980159a83e4a8c487852c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:30:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39101
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Feb 2021 14:30:13 GMT

GET
H/1.1 200
OK pwNotices-banner.png
clevelandbanner.com/images/ 148 KB
148 KB 126ms
125ms Image
image/png 65.61.154.7
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clevelandbanner.com/images/pwNotices-banner.png
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Server: 65.61.154.7 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: ced22a368637e3972b51598627a8e9ab3db15342077a736c2a9e308c5925c4d1

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:28:38 GMT
Via: Communityq/3.0
Last-Modified: Fri, 31 Jan 2020 15:27:17 GMT
Age: 95
ETag: "24e42-59d71357315db"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 151106
Expires: Fri, 12 Feb 2021 14:30:38 GMT

GET
H/1.1 200
OK pwNotices-computer.jpg
clevelandbanner.com/images/ 72 KB
73 KB 124ms
123ms Image
image/jpeg 65.61.154.7
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clevelandbanner.com/images/pwNotices-computer.jpg
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Server: 65.61.154.7 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: 55653cb14a8c17cb3d9fcbe927054ed267bbd723dde6f0533bb354ad42968fe0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:29:22 GMT
Via: Communityq/3.0
Last-Modified: Fri, 31 Jan 2020 15:27:17 GMT
Age: 51
ETag: "12074-59d71357315db"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 73844
Expires: Fri, 12 Feb 2021 14:31:22 GMT

GET
H/1.1 200
OK pwNotices-logo.png
clevelandbanner.com/images/ 17 KB
17 KB 125ms
125ms Image
image/png 65.61.154.7
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clevelandbanner.com/images/pwNotices-logo.png
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Server: 65.61.154.7 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: 04acdd47f7b8985ef1f45444c3c7a1b66d5a49199e98ebf63296b3041ed5946e

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:29:22 GMT
Via: Communityq/3.0
Last-Modified: Fri, 31 Jan 2020 15:27:17 GMT
Age: 51
ETag: "43f3-59d71357315db"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 17395
Expires: Fri, 12 Feb 2021 14:31:22 GMT

GET
H/1.1 200
OK cq_base.css
clevelandbanner.com/css_system/ 27 KB
5 KB 123ms
123ms Stylesheet
text/css 65.61.154.7
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: http://clevelandbanner.com/css_system/cq_base.css
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/css_system/cq_base_beta.css
Protocol: HTTP/1.1
Server: 65.61.154.7 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: 69c66d6196a426c117faa271fe7ca174290933998880f77a085d97e5e71fc94f

Request headers

Referer: http://clevelandbanner.com/css_system/cq_base_beta.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:28:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Mar 2020 14:31:00 GMT
Age: 95
ETag: "6de8-59ff42716088c-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 4453
Via: Communityq/3.0
Expires: Fri, 12 Feb 2021 14:30:38 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/sdk.js
https://connect.facebook.net/en_US/sdk.js

3 KB
2 KB

7ms
6ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: clevelandbanner.com
URL: http://clevelandbanner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7f2f89dbe1c99a8ad3a888ded6ece46fbebaf0c110e2ff90924733158a8c3ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: K8Ki8fKvowXroDIlppWsyQ==
cross-origin-resource-policy: cross-origin
expires: Fri, 12 Feb 2021 14:43:30 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: v95wBcf4cwyATwF8Ha8z2LWd/nD9VV6hMCtmMP6dkSrU0gMuDXk3g88WCP6rUHqVTD1UdmP0zlMsJKIthKFFiQ==
x-fb-trip-id: 917726464
x-fb-content-md5: f64da6abdc26e4ed9cfc0ff2af95ba8b
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 12 Feb 2021 14:30:13 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "856959d71d11071a9d6ca9f60460c693"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

Redirect headers

Location: https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.9
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK ajs.php Show response
cdbbanners.creativecirclemedia.com/www/delivery/ 1 KB
2 KB 478ms
133ms Script
text/javascript 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=28&block=1&blockcampaign=1&cb=56234563138&charset=UTF-8&loc=http%3A//clevelandbanner.com/
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: bd132ded767e06ae6fe12498941439f0393f4c16a21aa908d1490a855c4bfe77

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:13 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript; charset=UTF-8
Keep-Alive: timeout=5, max=100
Content-Length: 1404
Expires: 0

GET
H/1.1 200
OK v.gif
pls.webtype.com/ 807 B
1 KB 250ms
220ms Image
image/gif 65.52.62.25
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pls.webtype.com/v.gif?ct=100841,100841,100841,100841&r=31946&p=30870&h=WHujl0WJcyD836pf%2f92eSA%3d%3d
Requested by: Host: cloud.webtype.com
URL: http://cloud.webtype.com/css/603e1304-126c-46a2-9438-c93d1d37e643.css
Protocol: HTTP/1.1
Server: 65.52.62.25 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Referer: http://cloud.webtype.com/css/603e1304-126c-46a2-9438-c93d1d37e643.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:12 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: no-cache
Content-Length: 807
Expires: -1

GET
H/1.1 200
OK EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
fonts.gstatic.com/s/ptserif/v12/ 13 KB
13 KB 11ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ptserif/v12/EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=PT+Serif

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://clevelandbanner.com
Referer: http://fonts.googleapis.com/css?family=PT+Serif
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 10 Feb 2021 16:15:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Sep 2020 17:05:28 GMT
Server: sffe
Age: 166459
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 13280
X-XSS-Protection: 0
Expires: Thu, 10 Feb 2022 16:15:54 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
173 B 13ms
12ms Other
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-YX9ZNSCVQ5&gtm=2oe230&_p=739409679&sr=1600x1200&ul=en-us&cid=371801343.1613140213&_s=1&dl=http%3A%2F%2Fclevelandbanner.com%2F&dr=&dt=The%20Cleveland%20Daily%20Banner&sid=1613140213&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YX9ZNSCVQ5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 14:30:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://clevelandbanner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 198 KB
60 KB 19ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=925e2dda828da9571e5130451d7fe82f&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

75f54ae8fe3e6b6e165cb43a3955382a6e1645108eb0961e124cf151357ebdf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: http://clevelandbanner.com
Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 1VmNwiRWVXn+5iDibpDr+g==
cross-origin-resource-policy: cross-origin
expires: Sat, 12 Feb 2022 14:13:08 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60952
x-fb-rlafr: 0
x-fb-debug: dvaE+/0nkVvZ9Lt2dx56duuCSl0iNYtRbCXaMibBYRwyo3QxJbzwvBr+TKTVrc9imPZzsyEOFcTciMM3HI3owg==
x-fb-trip-id: 917726464
x-fb-content-md5: 02c166f471d47f7cd575301c4c344ef7
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 12 Feb 2021 14:30:13 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "452f2113b0d1a822e63dc8900589147b"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1

200
OK

adsbanner.html Show response
myvilight.com/ Frame 23BA
Redirect Chain

http://bit.ly/2RToJrZ
https://myvilight.com/adsbanner.html

1 KB
1 KB

85ms
28ms

Document
text/html

51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/adsbanner.html
Requested by: Host: cdbbanners.creativecirclemedia.com
URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=28&block=1&blockcampaign=1&cb=56234563138&charset=UTF-8&loc=http%3A//clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: d83af80bf38cb7a45aa73c74eb3fce98bf4639196c4e44d7741f23316e6a3464

Request headers

Host: myvilight.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://clevelandbanner.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://clevelandbanner.com/

Response headers

Server: nginx/1.12.2
Date: Fri, 12 Feb 2021 14:30:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16

Redirect headers

Server: nginx
Date: Fri, 12 Feb 2021 14:30:13 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 123
Cache-Control: private, max-age=90
Location: https://myvilight.com/adsbanner.html
Set-Cookie: _bit=l1ceud-98b15680036f7ef6e4-004; Domain=bit.ly; Expires=Wed, 11 Aug 2021 14:30:13 GMT
Via: 1.1 google

GET
H/1.1

200
OK

adsbanner.html Show response
myvilight.com/ Frame AEC3
Redirect Chain

http://bit.ly/2RToJrZ
https://myvilight.com/adsbanner.html

1 KB
1 KB

86ms
25ms

Document
text/html

51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/adsbanner.html
Requested by: Host: cdbbanners.creativecirclemedia.com
URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=28&block=1&blockcampaign=1&cb=56234563138&charset=UTF-8&loc=http%3A//clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: d83af80bf38cb7a45aa73c74eb3fce98bf4639196c4e44d7741f23316e6a3464

Request headers

Host: myvilight.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://clevelandbanner.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://clevelandbanner.com/

Response headers

Server: nginx/1.12.2
Date: Fri, 12 Feb 2021 14:30:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16

Redirect headers

Server: nginx
Date: Fri, 12 Feb 2021 14:30:13 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 123
Cache-Control: private, max-age=90
Location: https://myvilight.com/adsbanner.html
Set-Cookie: _bit=l1ceud-5c50161e499fd2b288-00l; Domain=bit.ly; Expires=Wed, 11 Aug 2021 14:30:13 GMT
Via: 1.1 google

GET
H/1.1

200
OK

adsbanner.html Show response
myvilight.com/ Frame 14E1
Redirect Chain

http://bit.ly/2RToJrZ
https://myvilight.com/adsbanner.html

1 KB
1 KB

90ms
27ms

Document
text/html

51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/adsbanner.html
Requested by: Host: cdbbanners.creativecirclemedia.com
URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=28&block=1&blockcampaign=1&cb=56234563138&charset=UTF-8&loc=http%3A//clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: d83af80bf38cb7a45aa73c74eb3fce98bf4639196c4e44d7741f23316e6a3464

Request headers

Host: myvilight.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://clevelandbanner.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://clevelandbanner.com/

Response headers

Server: nginx/1.12.2
Date: Fri, 12 Feb 2021 14:30:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16

Redirect headers

Server: nginx
Date: Fri, 12 Feb 2021 14:30:13 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 123
Cache-Control: private, max-age=90
Location: https://myvilight.com/adsbanner.html
Set-Cookie: _bit=l1ceud-5262949940a56be774-00W; Domain=bit.ly; Expires=Wed, 11 Aug 2021 14:30:13 GMT
Via: 1.1 google

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 57 KB
20 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdbbanners.creativecirclemedia.com
URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=28&block=1&blockcampaign=1&cb=56234563138&charset=UTF-8&loc=http%3A//clevelandbanner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1522c26a2e913c2c95ab3b1f37543a2ce2d7815e932dc90179c992c233b1e05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 12 Feb 2021 14:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "781 / 874 of 1000 / last-modified: 1613132082"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 19521
x-xss-protection: 0
expires: Fri, 12 Feb 2021 14:30:13 GMT

GET
H/1.1 200
OK lg.php
cdbbanners.creativecirclemedia.com/www/delivery/ 43 B
496 B 131ms
131ms Image
image/gif 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/lg.php?bannerid=127&campaignid=117&zoneid=1&loc=http%3A%2F%2Fclevelandbanner.com%2F&cb=5909c3008d
Requested by: Host: cdbbanners.creativecirclemedia.com
URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=28&block=1&blockcampaign=1&cb=56234563138&charset=UTF-8&loc=http%3A//clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:13 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=99
Content-Length: 43
Expires: 0

GET
H2 200 pubads_impl_2021020901.js Show response
securepubads.g.doubleclick.net/gpt/ 288 KB
101 KB 40ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

d2b13ee812188a64ef574ee912eaea945b1ae2a5a54b413e2fdfda94a7a58d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 12 Feb 2021 14:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:41:39 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103372
x-xss-protection: 0
expires: Fri, 12 Feb 2021 14:30:13 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
317 B 28ms
27ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=clevelandbanner.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 14:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
317 B 28ms
27ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=clevelandbanner.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 14:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
12 KB 443ms
429ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4265189291291104&correlator=1267306207443242&output=ldjh&impl=fif&eid=21068773%2C21068891%2C21068031&vrg=2021020901&ptt=17&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20210212&iu_parts=6785150%2CBENN%2CCleveland_Daily_Banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&eri=2&cookie_enabled=1&bc=23&abxe=1&lmt=1613140213&dt=1613140213984&dlt=1613140213077&idt=890&frm=20&biw=1600&bih=1200&oid=3&adxs=230&adys=16&adks=2465494228&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fclevelandbanner.com%2F&vis=1&scr_x=0&scr_y=0&psz=1140x90&msz=1140x90&ga_vid=371801343.1613140213&ga_sid=1613140214&ga_hid=739409679&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3f360dd277935883787d85e8cd0f12ce9bd649254f20a4e636d0459801a07706

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:30:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12034
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://clevelandbanner.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1d88ee981152b4f856f046052194ba86.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 51ms
13ms Other
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1d88ee981152b4f856f046052194ba86.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK ajs.php Show response
cdbbanners.creativecirclemedia.com/www/delivery/ 796 B
1 KB 130ms
130ms Script
text/javascript 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=27&block=1&blockcampaign=1&cb=2413184848&exclude=,bannerid:127,campaignid:117,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTd8
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 9ab3ffbe59c8ca2dd075afbe442ca125f9dddd6913b87b527c9e1324def5b9dd

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript; charset=UTF-8
Keep-Alive: timeout=5, max=98
Content-Length: 796
Expires: 0

GET
H/1.1

200
OK

20210211-141522-phpydAz8t.png.jpg
cdn3.creativecirclemedia.com/cleveland/large/
Redirect Chain

http://clevelandbanner.com/uploads/large/20210211-141522-phpydAz8t.png.jpg
https://cdn3.creativecirclemedia.com/cleveland/large/20210211-141522-phpydAz8t.png.jpg

79 KB
80 KB

125ms
124ms

Image
image/jpeg

65.61.154.201
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.creativecirclemedia.com/cleveland/large/20210211-141522-phpydAz8t.png.jpg
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.201 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: af6ba834b05f0a5d839f93f7f20aa9bfb6b4fabf85b2564e400dea0fc31aba83

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:28:55 GMT
Via: 1.1 varnish (Varnish/5.2)
Last-Modified: Thu, 11 Feb 2021 14:15:22 GMT
Server: Apache/2.4.29 (Ubuntu)
Age: 78
ETag: "13d87-5bb102672b0c2"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Varnish: 158316701 156762022
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81287

Redirect headers

Date: Fri, 12 Feb 2021 14:30:09 GMT
Via: Communityq/3.0
Age: 4
Content-Type: text/html; charset=iso-8859-1
Location: https://cdn3.creativecirclemedia.com/cleveland/large/20210211-141522-phpydAz8t.png.jpg
Connection: keep-alive
Content-Length: 294
Expires: Fri, 12 Feb 2021 14:32:09 GMT

GET
H/1.1 404
Not Found pattern.jpg
clevelandbanner.com/images/ 281 B
281 B 123ms
122ms Image
text/html 65.61.154.7
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clevelandbanner.com/images/pattern.jpg
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Server: 65.61.154.7 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: /
Resource Hash: 8bd2b19ea8be4f644cbfe7957fce3e0904ffa64dd48d9d969cc1405a15bbaad4

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:09 GMT
Via: Communityq/3.0
Expires: Fri, 12 Feb 2021 14:32:09 GMT
Connection: keep-alive
Age: 4
Content-Length: 281
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_3CRs-2.woff2
fonts.gstatic.com/s/ptsansnarrow/v12/ 11 KB
12 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ptsansnarrow/v12/BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_3CRs-2.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=PT+Sans+Narrow:700

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56aad63cd4ceef659e3293c2d11e01b32143afe3619e4f2fe2dcec4d8d85676b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://clevelandbanner.com
Referer: http://fonts.googleapis.com/css?family=PT+Sans+Narrow:700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 11 Feb 2021 12:57:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Sep 2020 17:06:30 GMT
Server: sffe
Age: 91985
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 11452
X-XSS-Protection: 0
Expires: Fri, 11 Feb 2022 12:57:09 GMT

GET
H/1.1 200
OK jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
fonts.gstatic.com/s/ptsans/v12/ 11 KB
12 KB 21ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=PT+Sans:700

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://clevelandbanner.com
Referer: http://fonts.googleapis.com/css?family=PT+Sans:700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 10 Feb 2021 05:56:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:10:37 GMT
Server: sffe
Age: 203628
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 11504
X-XSS-Protection: 0
Expires: Thu, 10 Feb 2022 05:56:26 GMT

GET
H/1.1 200
OK ga.js Show response
myvilight.com/scripts/ Frame AEC3 374 B
587 B 124ms
123ms Script
text/javascript 51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/7.2.34
Resource Hash: ffd749310c36a26166910b64a0657a98a14aeb143af94d9381e35849d4c9166d

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/ Frame AEC3 0
0 293ms
100ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK ga.js Show response
myvilight.com/scripts/ Frame 14E1 374 B
587 B 116ms
115ms Script
text/javascript 51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/7.2.34
Resource Hash: ffd749310c36a26166910b64a0657a98a14aeb143af94d9381e35849d4c9166d

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/ Frame 14E1 0
0 284ms
96ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK ga.js Show response
myvilight.com/scripts/ Frame 23BA 374 B
587 B 118ms
118ms Script
text/javascript 51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/7.2.34
Resource Hash: ffd749310c36a26166910b64a0657a98a14aeb143af94d9381e35849d4c9166d

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/ Frame 23BA 0
0 293ms
97ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1

200
OK

adsbanner.html Show response
myvilight.com/ Frame B168
Redirect Chain

http://bit.ly/2RToJrZ
https://myvilight.com/adsbanner.html

1 KB
1 KB

27ms
27ms

Document
text/html

51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/adsbanner.html
Requested by: Host: cdbbanners.creativecirclemedia.com
URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=27&block=1&blockcampaign=1&cb=2413184848&exclude=,bannerid:127,campaignid:117,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTd8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: d83af80bf38cb7a45aa73c74eb3fce98bf4639196c4e44d7741f23316e6a3464

Request headers

Host: myvilight.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://clevelandbanner.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://clevelandbanner.com/

Response headers

Server: nginx/1.12.2
Date: Fri, 12 Feb 2021 14:30:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16

Redirect headers

Server: nginx
Date: Fri, 12 Feb 2021 14:30:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 123
Cache-Control: private, max-age=90
Location: https://myvilight.com/adsbanner.html
Set-Cookie: _bit=l1ceue-83504772d87cf3aaf5-00N; Domain=bit.ly; Expires=Wed, 11 Aug 2021 14:30:14 GMT
Via: 1.1 google

GET
H/1.1

200
OK

adsbanner.html Show response
myvilight.com/ Frame 265D
Redirect Chain

http://bit.ly/2RToJrZ
https://myvilight.com/adsbanner.html

1 KB
1 KB

25ms
25ms

Document
text/html

51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/adsbanner.html
Requested by: Host: cdbbanners.creativecirclemedia.com
URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=27&block=1&blockcampaign=1&cb=2413184848&exclude=,bannerid:127,campaignid:117,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTd8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: d83af80bf38cb7a45aa73c74eb3fce98bf4639196c4e44d7741f23316e6a3464

Request headers

Host: myvilight.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://clevelandbanner.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://clevelandbanner.com/

Response headers

Server: nginx/1.12.2
Date: Fri, 12 Feb 2021 14:30:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16

Redirect headers

Server: nginx
Date: Fri, 12 Feb 2021 14:30:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 123
Cache-Control: private, max-age=90
Location: https://myvilight.com/adsbanner.html
Set-Cookie: _bit=l1ceue-de0b64526799db45d2-00h; Domain=bit.ly; Expires=Wed, 11 Aug 2021 14:30:14 GMT
Via: 1.1 google

GET
H/1.1

200
OK

adsbanner.html Show response
myvilight.com/ Frame 1F42
Redirect Chain

http://bit.ly/2RToJrZ
https://myvilight.com/adsbanner.html

1 KB
1 KB

27ms
27ms

Document
text/html

51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/adsbanner.html
Requested by: Host: cdbbanners.creativecirclemedia.com
URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=27&block=1&blockcampaign=1&cb=2413184848&exclude=,bannerid:127,campaignid:117,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTd8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: d83af80bf38cb7a45aa73c74eb3fce98bf4639196c4e44d7741f23316e6a3464

Request headers

Host: myvilight.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://clevelandbanner.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://clevelandbanner.com/

Response headers

Server: nginx/1.12.2
Date: Fri, 12 Feb 2021 14:30:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16

Redirect headers

Server: nginx
Date: Fri, 12 Feb 2021 14:30:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 123
Cache-Control: private, max-age=90
Location: https://myvilight.com/adsbanner.html
Set-Cookie: _bit=l1ceue-b71f839dcc38514b7d-00e; Domain=bit.ly; Expires=Wed, 11 Aug 2021 14:30:14 GMT
Via: 1.1 google

GET
H/1.1 200
OK lg.php
cdbbanners.creativecirclemedia.com/www/delivery/ 43 B
496 B 128ms
128ms Image
image/gif 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=27&loc=http%3A%2F%2Fclevelandbanner.com%2F&cb=1b805bf0bc
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=97
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK fontawesome-webfont.woff
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/ 64 KB
64 KB 12ms
7ms Font
font/woff 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: http://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Protocol

HTTP/1.1

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: http://clevelandbanner.com
Referer: http://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 12 Dec 2018 18:35:44 GMT
ETag: "1544639744"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: font/woff
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 65464

GET
H/1.1 200
OK ajs.php Show response
cdbbanners.creativecirclemedia.com/www/delivery/ 1 KB
2 KB 250ms
130ms Script
text/javascript 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=17&block=1&blockcampaign=1&cb=69816835881&exclude=,bannerid:127,campaignid:117,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTd8
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: db2c430173d1d0dced267011ff485c52b7a6842852d2dde9d7a240c4ddd6e536

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript; charset=UTF-8
Keep-Alive: timeout=5, max=96
Content-Length: 1473
Expires: 0

GET
H/1.1 200
OK ga.js Show response
myvilight.com/scripts/ Frame 265D 374 B
587 B 119ms
119ms Script
text/javascript 51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/7.2.34
Resource Hash: ffd749310c36a26166910b64a0657a98a14aeb143af94d9381e35849d4c9166d

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/ Frame 265D 0
0 168ms
96ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK ga.js Show response
myvilight.com/scripts/ Frame 1F42 374 B
587 B 114ms
113ms Script
text/javascript 51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/7.2.34
Resource Hash: ffd749310c36a26166910b64a0657a98a14aeb143af94d9381e35849d4c9166d

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/ Frame 1F42 0
0 167ms
97ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK ga.js Show response
myvilight.com/scripts/ Frame B168 374 B
587 B 117ms
117ms Script
text/javascript 51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/7.2.34
Resource Hash: ffd749310c36a26166910b64a0657a98a14aeb143af94d9381e35849d4c9166d

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/ Frame B168 0
0 175ms
99ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/ Frame 14E1 0
0 189ms
93ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/ Frame AEC3 0
0 212ms
115ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/ Frame 23BA 0
0 200ms
101ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1

200
OK

adsbanner.html Show response
myvilight.com/ Frame 8077
Redirect Chain

http://bit.ly/2RToJrZ
https://myvilight.com/adsbanner.html

1 KB
1 KB

25ms
25ms

Document
text/html

51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/adsbanner.html
Requested by: Host: cdbbanners.creativecirclemedia.com
URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=17&block=1&blockcampaign=1&cb=69816835881&exclude=,bannerid:127,campaignid:117,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTd8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: d83af80bf38cb7a45aa73c74eb3fce98bf4639196c4e44d7741f23316e6a3464

Request headers

Host: myvilight.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://clevelandbanner.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://clevelandbanner.com/

Response headers

Server: nginx/1.12.2
Date: Fri, 12 Feb 2021 14:30:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16

Redirect headers

Server: nginx
Date: Fri, 12 Feb 2021 14:30:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 123
Cache-Control: private, max-age=90
Location: https://myvilight.com/adsbanner.html
Set-Cookie: _bit=l1ceue-42bd49afd11805e847-00S; Domain=bit.ly; Expires=Wed, 11 Aug 2021 14:30:14 GMT
Via: 1.1 google

GET
H/1.1 200
OK ai.php
cdbbanners.creativecirclemedia.com/www/delivery/ 34 KB
34 KB 130ms
129ms Image
image/jpeg 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ai.php?filename=debt_consolidation_online_ad.jpg&contenttype=jpeg
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 39ab63cbba0abd710fb36a6cd75899ff0377db09fdbf22811ea2a81bc68e7398

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:14 GMT
Last-Modified: Thu, 07 Jan 2021 20:11:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Transfer-Encoding: chunked
Content-Type: image/jpeg; name=debt_consolidation_online_ad.jpg

GET
H/1.1 200
OK lg.php
cdbbanners.creativecirclemedia.com/www/delivery/ 43 B
497 B 129ms
128ms Image
image/gif 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/lg.php?bannerid=129&campaignid=118&zoneid=17&loc=http%3A%2F%2Fclevelandbanner.com%2F&cb=3e1c66fbce
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=100
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK ajs.php Show response
cdbbanners.creativecirclemedia.com/www/delivery/ 1 KB
2 KB 261ms
129ms Script
text/javascript 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=2&block=1&blockcampaign=1&cb=43594214676&exclude=,bannerid:127,campaignid:117,bannerid:129,campaignid:118,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTcjYjoxMjkjYzoxMTh8
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b586c047cd9c494ca38b2330cc39e1e0dedfa4bd5c3f1edfdfa106c0a48d0a9c

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript; charset=UTF-8
Keep-Alive: timeout=5, max=99
Content-Length: 1491
Expires: 0

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/ Frame 265D 0
0 115ms
97ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/ Frame 1F42 0
0 101ms
101ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022010270040000/ Frame E75D 180 KB
51 KB 27ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

700d1d900f10d454a72ce90127520d4ecbbc35725e63b2b2fe9a46e9c9d3fc02

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 88216
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51484
x-xss-protection: 0
server: sffe
date: Thu, 11 Feb 2021 13:59:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6d03694bae3d062c"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 13:59:58 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022010270040000/v0/ Frame E75D 13 KB
5 KB 37ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31471
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Fri, 12 Feb 2021 05:45:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 05:45:43 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022010270040000/v0/ Frame E75D 90 KB
27 KB 38ms
16ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 203646
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Wed, 10 Feb 2021 05:56:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 05:56:08 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022010270040000/v0/ Frame E75D 3 KB
1 KB 39ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 88216
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Thu, 11 Feb 2021 13:59:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 13:59:58 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022010270040000/v0/ Frame E75D 41 KB
13 KB 40ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31471
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Fri, 12 Feb 2021 05:45:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 05:45:43 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E75D 6 KB
775 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 14:17:36 GMT
server: ESF
date: Fri, 12 Feb 2021 14:30:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Feb 2021 14:30:14 GMT

GET
H3-Q050 200 6592766407814317453
tpc.googlesyndication.com/simgad/4662619624020661426/ Frame E75D 41 KB
41 KB 56ms
41ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4662619624020661426/6592766407814317453

Requested by

Host: clevelandbanner.com
URL: http://clevelandbanner.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f235eae8c2e4d82eb79c49f81db2fcd71ce1e1abffa58476ba64757d49310631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 14:20:51 GMT
x-content-type-options: nosniff
age: 86963
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42233
x-xss-protection: 0
last-modified: Wed, 23 Sep 2020 07:16:46 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 14:20:51 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13819117029320585138/ Frame E75D 3 KB
4 KB 55ms
40ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13819117029320585138/downsize_200k_v1?w=100&h=100

Requested by

Host: clevelandbanner.com
URL: http://clevelandbanner.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a70527d6815bfd9e932ac563c54ab05883a04dca84845a93f1e96262b25c8d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 12:57:55 GMT
x-content-type-options: nosniff
age: 91939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3513
x-xss-protection: 0
last-modified: Thu, 18 Jun 2020 12:55:04 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 12:57:55 GMT

GET
DATA 200
OK truncated
/ Frame E75D 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E75D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dccd14d9e0cbc00f15b7d91955706347134d6af0266822e3b88c8994870e92f4

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E75D 2 KB
3 KB 53ms
40ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: clevelandbanner.com
URL: http://clevelandbanner.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 12:56:43 GMT
x-content-type-options: nosniff
server: cafe
age: 5611
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 13 Feb 2021 12:56:43 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E75D 295 B
389 B 54ms
41ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: clevelandbanner.com
URL: http://clevelandbanner.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
server: cafe
age: 36276
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 13 Feb 2021 04:25:38 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E75D 0
0 44ms
43ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CAh9d9pAmYPz4AqqT7_UPnoysENXAsNRg9aDbrOMMsJAfEAEgt5GTA2CV-vCBjAegAd-Cu64CyAEJqQKnLTsxxk60PuACAKgDAcgDCqoE0gFP0P_AZjIN_MlTHa1pK0Z3aT5RJALxdO1WaQgrti25X1kPNCsUEQhTpMhwpytxdZMd2G9-wmv_Ea-vayYg1wK7joD5o0qcOnmSMBkzywf4ANLu7JKVEHOb2CSC1LlouI-6lipgoBuYMKbCRAX7upPV1AvWBOJ3OmB48MTQEYKXt9bzznhwHF4Icm9SkCw7izfUsPZUT01SUccvBEecLcm9OdNWkMSxTkYASnAqFsNaNlQ1ICmYv8QdDqw8ArNxSh-epwh_oLVyroiVOtI_IY57gEXABMrNwZOcA-AEAZIFBAgEGAGSBQQIBRgEoAYugAeq_MLRAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCu6wbSCAkIgOGAUBABGB2ACgHICwHYEw2IFAOyFxoKGAgAEhRwdWItMDMyMDg5OTA1MjI4NzExNw&sigh=Z9JviPTOzoo&template_id=484&tpd=AGWhJmsed9DKrHMCc_Bsctx29JxJCQaFbDiS90kCdCTKHHQtgA
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/ Frame B168 0
0 103ms
102ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E75D 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://clevelandbanner.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 16:25:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 338689
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 08 Feb 2022 16:25:25 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E75D 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://clevelandbanner.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 05:54:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 290131
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Wed, 09 Feb 2022 05:54:43 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 14E1 46 KB
18 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: myvilight.com
URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3907
date: Fri, 12 Feb 2021 13:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 15:25:07 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 23BA 46 KB
18 KB 28ms
23ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: myvilight.com
URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3907
date: Fri, 12 Feb 2021 13:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 15:25:07 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 265D 46 KB
19 KB 25ms
20ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: myvilight.com
URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3907
date: Fri, 12 Feb 2021 13:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 15:25:07 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame AEC3 46 KB
18 KB 27ms
23ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: myvilight.com
URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3907
date: Fri, 12 Feb 2021 13:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 15:25:07 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 1F42 46 KB
18 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: myvilight.com
URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3907
date: Fri, 12 Feb 2021 13:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 15:25:07 GMT

GET
H/1.1 200
OK ga.js Show response
myvilight.com/scripts/ Frame 8077 374 B
587 B 108ms
107ms Script
text/javascript 51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/7.2.34
Resource Hash: ffd749310c36a26166910b64a0657a98a14aeb143af94d9381e35849d4c9166d

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/ Frame 8077 0
0 92ms
92ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame B168 46 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: myvilight.com
URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3907
date: Fri, 12 Feb 2021 13:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 15:25:07 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E75D 2 KB
2 KB 6ms
5ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 12:56:43 GMT
x-content-type-options: nosniff
server: cafe
age: 5611
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 13 Feb 2021 12:56:43 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E75D 295 B
320 B 6ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
server: cafe
age: 36276
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 13 Feb 2021 04:25:38 GMT

GET
H/1.1

200
OK

adsbanner.html Show response
myvilight.com/ Frame F98E
Redirect Chain

http://bit.ly/2RToJrZ
https://myvilight.com/adsbanner.html

1 KB
1 KB

25ms
25ms

Document
text/html

51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/adsbanner.html
Requested by: Host: cdbbanners.creativecirclemedia.com
URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=2&block=1&blockcampaign=1&cb=43594214676&exclude=,bannerid:127,campaignid:117,bannerid:129,campaignid:118,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTcjYjoxMjkjYzoxMTh8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: d83af80bf38cb7a45aa73c74eb3fce98bf4639196c4e44d7741f23316e6a3464

Request headers

Host: myvilight.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://clevelandbanner.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://clevelandbanner.com/

Response headers

Server: nginx/1.12.2
Date: Fri, 12 Feb 2021 14:30:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16

Redirect headers

Server: nginx
Date: Fri, 12 Feb 2021 14:30:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 123
Cache-Control: private, max-age=90
Location: https://myvilight.com/adsbanner.html
Set-Cookie: _bit=l1ceue-7d26808ce6631b2a21-00b; Domain=bit.ly; Expires=Wed, 11 Aug 2021 14:30:14 GMT
Via: 1.1 google

GET
H/1.1 200
OK ai.php
cdbbanners.creativecirclemedia.com/www/delivery/ 306 KB
306 KB 130ms
129ms Image
image/jpeg 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ai.php?filename=142175-gpatcleveland_thegoodlife_webad.jpg&contenttype=jpeg
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 7c777e4d16edd0b7e2a5ee7b7db6efbe0f22a48d19de6ecfe1e8d49022427472

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:14 GMT
Last-Modified: Fri, 03 Jan 2020 16:07:53 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Transfer-Encoding: chunked
Content-Type: image/jpeg; name=142175-gpatcleveland_thegoodlife_webad.jpg

GET
H/1.1 200
OK lg.php
cdbbanners.creativecirclemedia.com/www/delivery/ 43 B
497 B 129ms
128ms Image
image/gif 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/lg.php?bannerid=132&campaignid=121&zoneid=2&loc=http%3A%2F%2Fclevelandbanner.com%2F&cb=695deeff63
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=100
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK ajs.php Show response
cdbbanners.creativecirclemedia.com/www/delivery/ 1 KB
2 KB 130ms
129ms Script
text/javascript 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=2&block=1&blockcampaign=1&cb=88374428090&exclude=,bannerid:127,campaignid:117,bannerid:129,campaignid:118,bannerid:132,campaignid:121,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTcjYjoxMjkjYzoxMTgjYjoxMzIjYzoxMjF8
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b181147b4151281d4bb16bff5d4b107604feb0ad2cedeca97a0081831a2fb091

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript; charset=UTF-8
Keep-Alive: timeout=5, max=94
Content-Length: 1449
Expires: 0

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/ Frame 8077 0
0 92ms
92ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 8077 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: myvilight.com
URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3907
date: Fri, 12 Feb 2021 13:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 15:25:07 GMT

GET
H/1.1

200
OK

adsbanner.html Show response
myvilight.com/ Frame C9B1
Redirect Chain

http://bit.ly/2RToJrZ
https://myvilight.com/adsbanner.html

1 KB
1 KB

25ms
25ms

Document
text/html

51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/adsbanner.html
Requested by: Host: cdbbanners.creativecirclemedia.com
URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=2&block=1&blockcampaign=1&cb=88374428090&exclude=,bannerid:127,campaignid:117,bannerid:129,campaignid:118,bannerid:132,campaignid:121,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTcjYjoxMjkjYzoxMTgjYjoxMzIjYzoxMjF8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: d83af80bf38cb7a45aa73c74eb3fce98bf4639196c4e44d7741f23316e6a3464

Request headers

Host: myvilight.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://clevelandbanner.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://clevelandbanner.com/

Response headers

Server: nginx/1.12.2
Date: Fri, 12 Feb 2021 14:30:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16

Redirect headers

Server: nginx
Date: Fri, 12 Feb 2021 14:30:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 123
Cache-Control: private, max-age=90
Location: https://myvilight.com/adsbanner.html
Set-Cookie: _bit=l1ceue-2aab06f8635c455782-000; Domain=bit.ly; Expires=Wed, 11 Aug 2021 14:30:14 GMT
Via: 1.1 google

GET
H/1.1 200
OK ai.php
cdbbanners.creativecirclemedia.com/www/delivery/ 90 KB
91 KB 132ms
131ms Image
image/jpeg 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ai.php?filename=companionfuneralhomemargin.jpg&contenttype=jpeg
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: bc9394f3b24dad8dcecdfde52e11aa855e374cecb757254d4a851bbbfb4beddf

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:14 GMT
Last-Modified: Fri, 19 Dec 2014 15:44:03 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=93
Transfer-Encoding: chunked
Content-Type: image/jpeg; name=companionfuneralhomemargin.jpg

GET
H/1.1 200
OK lg.php
cdbbanners.creativecirclemedia.com/www/delivery/ 43 B
496 B 127ms
127ms Image
image/gif 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/lg.php?bannerid=15&campaignid=15&zoneid=2&loc=http%3A%2F%2Fclevelandbanner.com%2F&cb=7d23cc3250
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=99
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK ajs.php Show response
cdbbanners.creativecirclemedia.com/www/delivery/ 1 KB
2 KB 255ms
128ms Script
text/javascript 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=2&block=1&blockcampaign=1&cb=55004647199&exclude=,bannerid:127,campaignid:117,bannerid:129,campaignid:118,bannerid:132,campaignid:121,bannerid:15,campaignid:15,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTcjYjoxMjkjYzoxMTgjYjoxMzIjYzoxMjEjYjoxNSNjOjE1fA%3D%3D
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f14ccb5161217d407100cf3df9fe7973cb34b76966c16090827512945cd56655

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript; charset=UTF-8
Keep-Alive: timeout=5, max=98
Content-Length: 1466
Expires: 0

GET
H/1.1 200
OK ga.js Show response
myvilight.com/scripts/ Frame F98E 374 B
587 B 110ms
110ms Script
text/javascript 51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/7.2.34
Resource Hash: ffd749310c36a26166910b64a0657a98a14aeb143af94d9381e35849d4c9166d

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/ Frame F98E 0
0 92ms
92ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/ Frame F98E 0
0 92ms
92ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK ga.js Show response
myvilight.com/scripts/ Frame C9B1 374 B
587 B 115ms
114ms Script
text/javascript 51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/7.2.34
Resource Hash: ffd749310c36a26166910b64a0657a98a14aeb143af94d9381e35849d4c9166d

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/ Frame C9B1 0
0 99ms
99ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:14 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame F98E 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: myvilight.com
URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3907
date: Fri, 12 Feb 2021 13:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 15:25:07 GMT

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/ Frame C9B1 0
0 112ms
112ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1

200
OK

adsbanner.html Show response
myvilight.com/ Frame 2DBA
Redirect Chain

http://bit.ly/2RToJrZ
https://myvilight.com/adsbanner.html

1 KB
1 KB

44ms
43ms

Document
text/html

51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/adsbanner.html
Requested by: Host: cdbbanners.creativecirclemedia.com
URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=2&block=1&blockcampaign=1&cb=55004647199&exclude=,bannerid:127,campaignid:117,bannerid:129,campaignid:118,bannerid:132,campaignid:121,bannerid:15,campaignid:15,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTcjYjoxMjkjYzoxMTgjYjoxMzIjYzoxMjEjYjoxNSNjOjE1fA%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: d83af80bf38cb7a45aa73c74eb3fce98bf4639196c4e44d7741f23316e6a3464

Request headers

Host: myvilight.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://clevelandbanner.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://clevelandbanner.com/

Response headers

Server: nginx/1.12.2
Date: Fri, 12 Feb 2021 14:30:15 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16

Redirect headers

Server: nginx
Date: Fri, 12 Feb 2021 14:30:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 123
Cache-Control: private, max-age=90
Location: https://myvilight.com/adsbanner.html
Set-Cookie: _bit=l1ceuf-b166800e9595051c89-00I; Domain=bit.ly; Expires=Wed, 11 Aug 2021 14:30:15 GMT
Via: 1.1 google

GET
H/1.1 200
OK ai.php
cdbbanners.creativecirclemedia.com/www/delivery/ 163 KB
164 KB 141ms
140ms Image
image/jpeg 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ai.php?filename=crawfordpharmacymarginad.jpg&contenttype=jpeg
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 9b5bbb298c987bc1aea902c81f1de209b2ba8b9cf3bb742b65763cb15a017214

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:15 GMT
Last-Modified: Mon, 14 Sep 2020 13:03:34 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Transfer-Encoding: chunked
Content-Type: image/jpeg; name=crawfordpharmacymarginad.jpg

GET
H/1.1 200
OK lg.php
cdbbanners.creativecirclemedia.com/www/delivery/ 43 B
496 B 136ms
136ms Image
image/gif 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/lg.php?bannerid=145&campaignid=132&zoneid=2&loc=http%3A%2F%2Fclevelandbanner.com%2F&cb=d1d691c599
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=92
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK ajs.php Show response
cdbbanners.creativecirclemedia.com/www/delivery/ 1 KB
2 KB 137ms
137ms Script
text/javascript 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=2&block=1&blockcampaign=1&cb=58282613557&exclude=,bannerid:127,campaignid:117,bannerid:129,campaignid:118,bannerid:132,campaignid:121,bannerid:15,campaignid:15,bannerid:145,campaignid:132,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTcjYjoxMjkjYzoxMTgjYjoxMzIjYzoxMjEjYjoxNSNjOjE1I2I6MTQ1I2M6MTMyfA%3D%3D
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 22559ea2fc95447b0bf7e92dc3b0fa1034d07a94d0b38d1012bf1b83929f4725

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript; charset=UTF-8
Keep-Alive: timeout=5, max=100
Content-Length: 1479
Expires: 0

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame C9B1 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: myvilight.com
URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3908
date: Fri, 12 Feb 2021 13:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 15:25:07 GMT

GET
H/1.1

200
OK

adsbanner.html Show response
myvilight.com/ Frame 6B5E
Redirect Chain

http://bit.ly/2RToJrZ
https://myvilight.com/adsbanner.html

1 KB
1 KB

28ms
28ms

Document
text/html

51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/adsbanner.html
Requested by: Host: cdbbanners.creativecirclemedia.com
URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=2&block=1&blockcampaign=1&cb=58282613557&exclude=,bannerid:127,campaignid:117,bannerid:129,campaignid:118,bannerid:132,campaignid:121,bannerid:15,campaignid:15,bannerid:145,campaignid:132,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTcjYjoxMjkjYzoxMTgjYjoxMzIjYzoxMjEjYjoxNSNjOjE1I2I6MTQ1I2M6MTMyfA%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: d83af80bf38cb7a45aa73c74eb3fce98bf4639196c4e44d7741f23316e6a3464

Request headers

Host: myvilight.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://clevelandbanner.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://clevelandbanner.com/

Response headers

Server: nginx/1.12.2
Date: Fri, 12 Feb 2021 14:30:15 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16

Redirect headers

Server: nginx
Date: Fri, 12 Feb 2021 14:30:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 123
Cache-Control: private, max-age=90
Location: https://myvilight.com/adsbanner.html
Set-Cookie: _bit=l1ceuf-09224dd1c196eca85a-001; Domain=bit.ly; Expires=Wed, 11 Aug 2021 14:30:15 GMT
Via: 1.1 google

GET
H/1.1 200
OK ai.php
cdbbanners.creativecirclemedia.com/www/delivery/ 21 KB
22 KB 134ms
134ms Image
image/gif 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ai.php?filename=banner-theplace-margin.gif&contenttype=gif
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 12161762cb3b9702a4d0e363448925e3dc524d597461e95d57bb1712e2b45156

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:15 GMT
Last-Modified: Thu, 29 Oct 2015 14:04:09 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Transfer-Encoding: chunked
Content-Type: image/gif; name=banner-theplace-margin.gif

GET
H/1.1 200
OK lg.php
cdbbanners.creativecirclemedia.com/www/delivery/ 43 B
496 B 138ms
137ms Image
image/gif 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/lg.php?bannerid=64&campaignid=61&zoneid=2&loc=http%3A%2F%2Fclevelandbanner.com%2F&cb=deed75255c
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=91
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK ajs.php Show response
cdbbanners.creativecirclemedia.com/www/delivery/ 2 KB
2 KB 215ms
133ms Script
text/javascript 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=29&block=1&blockcampaign=1&cb=43678885239&exclude=,bannerid:127,campaignid:117,bannerid:129,campaignid:118,bannerid:132,campaignid:121,bannerid:15,campaignid:15,bannerid:145,campaignid:132,bannerid:64,campaignid:61,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTcjYjoxMjkjYzoxMTgjYjoxMzIjYzoxMjEjYjoxNSNjOjE1I2I6MTQ1I2M6MTMyI2I6NjQjYzo2MXw%3D
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b25fcea44aa5a24b51dc412915d226ab5a0e3806608e3b91a4604c6aab356162

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript; charset=UTF-8
Keep-Alive: timeout=5, max=97
Content-Length: 1698
Expires: 0

GET
H/1.1 200
OK ga.js Show response
myvilight.com/scripts/ Frame 2DBA 374 B
587 B 117ms
117ms Script
text/javascript 51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/7.2.34
Resource Hash: ffd749310c36a26166910b64a0657a98a14aeb143af94d9381e35849d4c9166d

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/ Frame 2DBA 0
0 105ms
104ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/ Frame 2DBA 0
0 102ms
102ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK ga.js Show response
myvilight.com/scripts/ Frame 6B5E 374 B
587 B 118ms
117ms Script
text/javascript 51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/7.2.34
Resource Hash: ffd749310c36a26166910b64a0657a98a14aeb143af94d9381e35849d4c9166d

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/ Frame 6B5E 0
0 95ms
94ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1

200
OK

adsbanner.html Show response
myvilight.com/ Frame D766
Redirect Chain

http://bit.ly/2RToJrZ
https://myvilight.com/adsbanner.html

1 KB
1 KB

25ms
25ms

Document
text/html

51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/adsbanner.html
Requested by: Host: cdbbanners.creativecirclemedia.com
URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=29&block=1&blockcampaign=1&cb=43678885239&exclude=,bannerid:127,campaignid:117,bannerid:129,campaignid:118,bannerid:132,campaignid:121,bannerid:15,campaignid:15,bannerid:145,campaignid:132,bannerid:64,campaignid:61,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTcjYjoxMjkjYzoxMTgjYjoxMzIjYzoxMjEjYjoxNSNjOjE1I2I6MTQ1I2M6MTMyI2I6NjQjYzo2MXw%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: d83af80bf38cb7a45aa73c74eb3fce98bf4639196c4e44d7741f23316e6a3464

Request headers

Host: myvilight.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://clevelandbanner.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://clevelandbanner.com/

Response headers

Server: nginx/1.12.2
Date: Fri, 12 Feb 2021 14:30:15 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16

Redirect headers

Server: nginx
Date: Fri, 12 Feb 2021 14:30:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 123
Cache-Control: private, max-age=90
Location: https://myvilight.com/adsbanner.html
Set-Cookie: _bit=l1ceuf-15b49fcadb830c5b8c-00m; Domain=bit.ly; Expires=Wed, 11 Aug 2021 14:30:15 GMT
Via: 1.1 google

GET
H/1.1

200
OK

adsbanner.html Show response
myvilight.com/ Frame CB2E
Redirect Chain

http://bit.ly/2RToJrZ
https://myvilight.com/adsbanner.html

1 KB
1 KB

27ms
27ms

Document
text/html

51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/adsbanner.html
Requested by: Host: cdbbanners.creativecirclemedia.com
URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=29&block=1&blockcampaign=1&cb=43678885239&exclude=,bannerid:127,campaignid:117,bannerid:129,campaignid:118,bannerid:132,campaignid:121,bannerid:15,campaignid:15,bannerid:145,campaignid:132,bannerid:64,campaignid:61,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTcjYjoxMjkjYzoxMTgjYjoxMzIjYzoxMjEjYjoxNSNjOjE1I2I6MTQ1I2M6MTMyI2I6NjQjYzo2MXw%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: d83af80bf38cb7a45aa73c74eb3fce98bf4639196c4e44d7741f23316e6a3464

Request headers

Host: myvilight.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://clevelandbanner.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://clevelandbanner.com/

Response headers

Server: nginx/1.12.2
Date: Fri, 12 Feb 2021 14:30:15 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16

Redirect headers

Server: nginx
Date: Fri, 12 Feb 2021 14:30:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 123
Cache-Control: private, max-age=90
Location: https://myvilight.com/adsbanner.html
Set-Cookie: _bit=l1ceuf-43c73fdc2d976f2d36-00g; Domain=bit.ly; Expires=Wed, 11 Aug 2021 14:30:15 GMT
Via: 1.1 google

GET
H/1.1 200
OK ai.php
cdbbanners.creativecirclemedia.com/www/delivery/ 205 KB
205 KB 137ms
136ms Image
image/jpeg 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ai.php?filename=brem_2021winterwebadmargin.jpg&contenttype=jpeg
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a79488a8cd9e6fc4688aa01a580569edc1557b4581f0bda01170b0813d2bd922

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:15 GMT
Last-Modified: Fri, 29 Jan 2021 13:12:10 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Transfer-Encoding: chunked
Content-Type: image/jpeg; name=brem_2021winterwebadmargin.jpg

GET
H/1.1 200
OK lg.php
cdbbanners.creativecirclemedia.com/www/delivery/ 43 B
496 B 127ms
127ms Image
image/gif 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/lg.php?bannerid=102&campaignid=99&zoneid=4&loc=http%3A%2F%2Fclevelandbanner.com%2F&cb=398da12e2b
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=90
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK ajs.php Show response
cdbbanners.creativecirclemedia.com/www/delivery/ 1 KB
2 KB 157ms
127ms Script
text/javascript 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=2&block=1&blockcampaign=1&cb=21519384437&exclude=,bannerid:127,campaignid:117,bannerid:129,campaignid:118,bannerid:132,campaignid:121,bannerid:15,campaignid:15,bannerid:145,campaignid:132,bannerid:64,campaignid:61,bannerid:102,campaignid:99,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTcjYjoxMjkjYzoxMTgjYjoxMzIjYzoxMjEjYjoxNSNjOjE1I2I6MTQ1I2M6MTMyI2I6NjQjYzo2MSNiOjEwMiNjOjk5fA%3D%3D
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 48b754e891aa792e29fe2aece30781ecbc2e9e41be20c9e2e8816a661cccf1e0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript; charset=UTF-8
Keep-Alive: timeout=5, max=98
Content-Length: 1503
Expires: 0

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 2DBA 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: myvilight.com
URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3908
date: Fri, 12 Feb 2021 13:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 15:25:07 GMT

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/ Frame 6B5E 0
0 95ms
94ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 6B5E 46 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: myvilight.com
URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3908
date: Fri, 12 Feb 2021 13:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 15:25:07 GMT

GET
H/1.1 200
OK ga.js Show response
myvilight.com/scripts/ Frame CB2E 374 B
587 B 107ms
106ms Script
text/javascript 51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/7.2.34
Resource Hash: ffd749310c36a26166910b64a0657a98a14aeb143af94d9381e35849d4c9166d

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/ Frame CB2E 0
0 97ms
96ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK ga.js Show response
myvilight.com/scripts/ Frame D766 374 B
587 B 132ms
132ms Script
text/javascript 51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/7.2.34
Resource Hash: ffd749310c36a26166910b64a0657a98a14aeb143af94d9381e35849d4c9166d

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/ Frame D766 0
0 97ms
97ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1

200
OK

adsbanner.html Show response
myvilight.com/ Frame DB94
Redirect Chain

http://bit.ly/2RToJrZ
https://myvilight.com/adsbanner.html

1 KB
1 KB

25ms
25ms

Document
text/html

51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/adsbanner.html
Requested by: Host: cdbbanners.creativecirclemedia.com
URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=2&block=1&blockcampaign=1&cb=21519384437&exclude=,bannerid:127,campaignid:117,bannerid:129,campaignid:118,bannerid:132,campaignid:121,bannerid:15,campaignid:15,bannerid:145,campaignid:132,bannerid:64,campaignid:61,bannerid:102,campaignid:99,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTcjYjoxMjkjYzoxMTgjYjoxMzIjYzoxMjEjYjoxNSNjOjE1I2I6MTQ1I2M6MTMyI2I6NjQjYzo2MSNiOjEwMiNjOjk5fA%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: d83af80bf38cb7a45aa73c74eb3fce98bf4639196c4e44d7741f23316e6a3464

Request headers

Host: myvilight.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://clevelandbanner.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://clevelandbanner.com/

Response headers

Server: nginx/1.12.2
Date: Fri, 12 Feb 2021 14:30:15 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16

Redirect headers

Server: nginx
Date: Fri, 12 Feb 2021 14:30:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 123
Cache-Control: private, max-age=90
Location: https://myvilight.com/adsbanner.html
Set-Cookie: _bit=l1ceuf-8c4c9d37f19c21e1ba-006; Domain=bit.ly; Expires=Wed, 11 Aug 2021 14:30:15 GMT
Via: 1.1 google

GET
H/1.1 200
OK ai.php
cdbbanners.creativecirclemedia.com/www/delivery/ 140 KB
140 KB 130ms
130ms Image
image/jpeg 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ai.php?filename=cleveland_daily_banner_ad.jpg&contenttype=jpeg
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 82cdca259b5668462388db9b992b0266b357cf521217fcd26b5a15c9fc4e2e7a

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:15 GMT
Last-Modified: Thu, 12 Nov 2020 14:59:50 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Transfer-Encoding: chunked
Content-Type: image/jpeg; name=cleveland_daily_banner_ad.jpg

GET
H/1.1 200
OK lg.php
cdbbanners.creativecirclemedia.com/www/delivery/ 43 B
496 B 130ms
129ms Image
image/gif 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/lg.php?bannerid=53&campaignid=50&zoneid=2&loc=http%3A%2F%2Fclevelandbanner.com%2F&cb=1b914d4d7f
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=95
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK ajs.php Show response
cdbbanners.creativecirclemedia.com/www/delivery/ 2 KB
2 KB 128ms
128ms Script
text/javascript 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=2&block=1&blockcampaign=1&cb=81839329435&exclude=,bannerid:127,campaignid:117,bannerid:129,campaignid:118,bannerid:132,campaignid:121,bannerid:15,campaignid:15,bannerid:145,campaignid:132,bannerid:64,campaignid:61,bannerid:102,campaignid:99,bannerid:53,campaignid:50,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTcjYjoxMjkjYzoxMTgjYjoxMzIjYzoxMjEjYjoxNSNjOjE1I2I6MTQ1I2M6MTMyI2I6NjQjYzo2MSNiOjEwMiNjOjk5I2I6NTMjYzo1MHw%3D
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d93adb87fd6379232f9f5ff91123cea89cedb33d368d0c2a7a2133489194f766

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript; charset=UTF-8
Keep-Alive: timeout=5, max=96
Content-Length: 1551
Expires: 0

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E75D 42 B
303 B 42ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufFqUuVbPgjKMY_t4VAAxGjS1QCCTRbD8dxCMhGd2TZheoYBAAlRGp3gg6guo5v4jzzJ89xD77X_kbZD31lBceUwj9KvggReTD-cM21Wh0QPQzvUAEvnboH3dqSg&sai=AMfl-YTtI6Et_WEdkQzevP-b1jC7F7n3LTryJCNfTtZjNHSA3d1oM56ymODyXzL2Nqa9ERIuFTJQgVkQT1gg1gMOt7X79yytCO70Gse_Q2HUpt5WuHset7ONlorkiqr96XZq&sig=Cg0ArKJSzFgr9vBatIeyEAE&cid=CAASPeRorRPUH9ag5SNPp1ZQRGz7jW8SxeRUaYbJX-TK8_tt7org_j0sZOIU9nY2N1HuxAxZCNmsNvUeupbLCZU&id=ampim&o=436,16&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=126&tls=1126&g=100&h=100&tt=1126&r=v&avms=ampa&adk=2465494228

Requested by

Host: clevelandbanner.com
URL: http://clevelandbanner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 14:30:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/ Frame CB2E 0
0 107ms
106ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/ Frame D766 0
0 103ms
102ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1

200
OK

adsbanner.html Show response
myvilight.com/ Frame 1300
Redirect Chain

http://bit.ly/2RToJrZ
https://myvilight.com/adsbanner.html

1 KB
1 KB

28ms
27ms

Document
text/html

51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/adsbanner.html
Requested by: Host: cdbbanners.creativecirclemedia.com
URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=2&block=1&blockcampaign=1&cb=81839329435&exclude=,bannerid:127,campaignid:117,bannerid:129,campaignid:118,bannerid:132,campaignid:121,bannerid:15,campaignid:15,bannerid:145,campaignid:132,bannerid:64,campaignid:61,bannerid:102,campaignid:99,bannerid:53,campaignid:50,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTcjYjoxMjkjYzoxMTgjYjoxMzIjYzoxMjEjYjoxNSNjOjE1I2I6MTQ1I2M6MTMyI2I6NjQjYzo2MSNiOjEwMiNjOjk5I2I6NTMjYzo1MHw%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: d83af80bf38cb7a45aa73c74eb3fce98bf4639196c4e44d7741f23316e6a3464

Request headers

Host: myvilight.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://clevelandbanner.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://clevelandbanner.com/

Response headers

Server: nginx/1.12.2
Date: Fri, 12 Feb 2021 14:30:15 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16

Redirect headers

Server: nginx
Date: Fri, 12 Feb 2021 14:30:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 123
Cache-Control: private, max-age=90
Location: https://myvilight.com/adsbanner.html
Set-Cookie: _bit=l1ceuf-64c2743bb094a40d14-00t; Domain=bit.ly; Expires=Wed, 11 Aug 2021 14:30:15 GMT
Via: 1.1 google

GET
H/1.1 200
OK ai.php
cdbbanners.creativecirclemedia.com/www/delivery/ 233 KB
233 KB 135ms
134ms Image
image/jpeg 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ai.php?filename=ralphbuckner_5_reasons_web_4.167x3.472_1-1_20000_imp.jpg&contenttype=jpeg
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b50ca19dd09a9f4e38e24530b4ad66c362c95bbe7fdd24a249331d5283671158

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:15 GMT
Last-Modified: Tue, 29 Dec 2020 13:17:40 GMT
Server: Apache/2.4.29 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Transfer-Encoding: chunked
Content-Type: image/jpeg; name=ralphbuckner_5_reasons_web_4.167x3.472_1-1_20000_imp.jpg

GET
H/1.1 200
OK lg.php
cdbbanners.creativecirclemedia.com/www/delivery/ 43 B
496 B 128ms
127ms Image
image/gif 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/lg.php?bannerid=167&campaignid=153&zoneid=2&loc=http%3A%2F%2Fclevelandbanner.com%2F&cb=42157fea07
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=89
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK ajs.php Show response
cdbbanners.creativecirclemedia.com/www/delivery/ 916 B
1 KB 129ms
128ms Script
text/javascript 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=27&block=1&blockcampaign=1&cb=59014885943&exclude=,bannerid:127,campaignid:117,bannerid:129,campaignid:118,bannerid:132,campaignid:121,bannerid:15,campaignid:15,bannerid:145,campaignid:132,bannerid:64,campaignid:61,bannerid:102,campaignid:99,bannerid:53,campaignid:50,bannerid:167,campaignid:153,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTcjYjoxMjkjYzoxMTgjYjoxMzIjYzoxMjEjYjoxNSNjOjE1I2I6MTQ1I2M6MTMyI2I6NjQjYzo2MSNiOjEwMiNjOjk5I2I6NTMjYzo1MCNiOjE2NyNjOjE1M3w%3D
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: fe06919c870e862d8dd797f57ae519ec60c152bc5a30206b3220b98068848f1e

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript; charset=UTF-8
Keep-Alive: timeout=5, max=95
Content-Length: 916
Expires: 0

GET
H/1.1 200
OK ga.js Show response
myvilight.com/scripts/ Frame DB94 374 B
587 B 111ms
111ms Script
text/javascript 51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/7.2.34
Resource Hash: ffd749310c36a26166910b64a0657a98a14aeb143af94d9381e35849d4c9166d

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/ Frame DB94 0
0 98ms
97ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame D766 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: myvilight.com
URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3908
date: Fri, 12 Feb 2021 13:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 15:25:07 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame CB2E 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: myvilight.com
URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3908
date: Fri, 12 Feb 2021 13:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 15:25:07 GMT

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/ Frame DB94 0
0 95ms
95ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1

200
OK

adsbanner.html Show response
myvilight.com/ Frame AB36
Redirect Chain

http://bit.ly/2RToJrZ
https://myvilight.com/adsbanner.html

1 KB
1 KB

47ms
25ms

Document
text/html

51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/adsbanner.html
Requested by: Host: cdbbanners.creativecirclemedia.com
URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=27&block=1&blockcampaign=1&cb=59014885943&exclude=,bannerid:127,campaignid:117,bannerid:129,campaignid:118,bannerid:132,campaignid:121,bannerid:15,campaignid:15,bannerid:145,campaignid:132,bannerid:64,campaignid:61,bannerid:102,campaignid:99,bannerid:53,campaignid:50,bannerid:167,campaignid:153,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTcjYjoxMjkjYzoxMTgjYjoxMzIjYzoxMjEjYjoxNSNjOjE1I2I6MTQ1I2M6MTMyI2I6NjQjYzo2MSNiOjEwMiNjOjk5I2I6NTMjYzo1MCNiOjE2NyNjOjE1M3w%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: d83af80bf38cb7a45aa73c74eb3fce98bf4639196c4e44d7741f23316e6a3464

Request headers

Host: myvilight.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://clevelandbanner.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://clevelandbanner.com/

Response headers

Server: nginx/1.12.2
Date: Fri, 12 Feb 2021 14:30:15 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16

Redirect headers

Server: nginx
Date: Fri, 12 Feb 2021 14:30:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 123
Cache-Control: private, max-age=90
Location: https://myvilight.com/adsbanner.html
Set-Cookie: _bit=l1ceuf-226beccf9fd971ef2e-00X; Domain=bit.ly; Expires=Wed, 11 Aug 2021 14:30:15 GMT
Via: 1.1 google

GET
H/1.1

200
OK

adsbanner.html Show response
myvilight.com/ Frame C60E
Redirect Chain

http://bit.ly/2RToJrZ
https://myvilight.com/adsbanner.html

1 KB
1 KB

25ms
25ms

Document
text/html

51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/adsbanner.html
Requested by: Host: cdbbanners.creativecirclemedia.com
URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=27&block=1&blockcampaign=1&cb=59014885943&exclude=,bannerid:127,campaignid:117,bannerid:129,campaignid:118,bannerid:132,campaignid:121,bannerid:15,campaignid:15,bannerid:145,campaignid:132,bannerid:64,campaignid:61,bannerid:102,campaignid:99,bannerid:53,campaignid:50,bannerid:167,campaignid:153,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTcjYjoxMjkjYzoxMTgjYjoxMzIjYzoxMjEjYjoxNSNjOjE1I2I6MTQ1I2M6MTMyI2I6NjQjYzo2MSNiOjEwMiNjOjk5I2I6NTMjYzo1MCNiOjE2NyNjOjE1M3w%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: d83af80bf38cb7a45aa73c74eb3fce98bf4639196c4e44d7741f23316e6a3464

Request headers

Host: myvilight.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://clevelandbanner.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://clevelandbanner.com/

Response headers

Server: nginx/1.12.2
Date: Fri, 12 Feb 2021 14:30:15 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16

Redirect headers

Server: nginx
Date: Fri, 12 Feb 2021 14:30:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 123
Cache-Control: private, max-age=90
Location: https://myvilight.com/adsbanner.html
Set-Cookie: _bit=l1ceuf-011350b3c9cce57a6a-00s; Domain=bit.ly; Expires=Wed, 11 Aug 2021 14:30:15 GMT
Via: 1.1 google

GET
H/1.1

200
OK

adsbanner.html Show response
myvilight.com/ Frame 02FE
Redirect Chain

http://bit.ly/2RToJrZ
https://myvilight.com/adsbanner.html

1 KB
1 KB

27ms
27ms

Document
text/html

51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/adsbanner.html
Requested by: Host: cdbbanners.creativecirclemedia.com
URL: https://cdbbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=27&block=1&blockcampaign=1&cb=59014885943&exclude=,bannerid:127,campaignid:117,bannerid:129,campaignid:118,bannerid:132,campaignid:121,bannerid:15,campaignid:15,bannerid:145,campaignid:132,bannerid:64,campaignid:61,bannerid:102,campaignid:99,bannerid:53,campaignid:50,bannerid:167,campaignid:153,&charset=UTF-8&loc=http%3A//clevelandbanner.com/&context=YjoxMjcjYzoxMTcjYjoxMjkjYzoxMTgjYjoxMzIjYzoxMjEjYjoxNSNjOjE1I2I6MTQ1I2M6MTMyI2I6NjQjYzo2MSNiOjEwMiNjOjk5I2I6NTMjYzo1MCNiOjE2NyNjOjE1M3w%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: d83af80bf38cb7a45aa73c74eb3fce98bf4639196c4e44d7741f23316e6a3464

Request headers

Host: myvilight.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://clevelandbanner.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://clevelandbanner.com/

Response headers

Server: nginx/1.12.2
Date: Fri, 12 Feb 2021 14:30:15 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16

Redirect headers

Server: nginx
Date: Fri, 12 Feb 2021 14:30:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 123
Cache-Control: private, max-age=90
Location: https://myvilight.com/adsbanner.html
Set-Cookie: _bit=l1ceuf-f73d15eaac4b5d7057-009; Domain=bit.ly; Expires=Wed, 11 Aug 2021 14:30:15 GMT
Via: 1.1 google

GET
H/1.1 200
OK lg.php
cdbbanners.creativecirclemedia.com/www/delivery/ 43 B
496 B 128ms
126ms Image
image/gif 65.61.154.205
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdbbanners.creativecirclemedia.com/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=27&loc=http%3A%2F%2Fclevelandbanner.com%2F&cb=3dd175189b
Requested by: Host: clevelandbanner.com
URL: http://clevelandbanner.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.61.154.205 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=94
Content-Length: 43
Expires: 0

GET
H3-Q050

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=UA-10334581-3&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=UA-10334581-3&l=dataLayer&cx=c

97 KB
38 KB

55ms
40ms

Script
application/javascript

2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-10334581-3&l=dataLayer&cx=c

Requested by

Host: clevelandbanner.com
URL: http://clevelandbanner.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

680335de10fe346de0ab9ae11dcef52fd921f16a396dcc8d30b9aed1b50eee0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:30:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39183
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Feb 2021 14:30:15 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=UA-10334581-3&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS

GET
H3-Q050

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=UA-100898595-36&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=UA-100898595-36&l=dataLayer&cx=c

97 KB
39 KB

40ms
30ms

Script
application/javascript

2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-100898595-36&l=dataLayer&cx=c

Requested by

Host: clevelandbanner.com
URL: http://clevelandbanner.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e6420bc257419fc4223fe8ead75bd7f7413bba3d66d8a442485b6e6b6b6462c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:30:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39112
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Feb 2021 14:30:15 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=UA-100898595-36&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK ga.js Show response
myvilight.com/scripts/ Frame 1300 374 B
587 B 121ms
121ms Script
text/javascript 51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/7.2.34
Resource Hash: ffd749310c36a26166910b64a0657a98a14aeb143af94d9381e35849d4c9166d

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/ Frame 1300 0
0 99ms
98ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame DB94 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: myvilight.com
URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3908
date: Fri, 12 Feb 2021 13:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 15:25:07 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=UA-10334581-3&l=dataLayer&cx=c

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3908
date: Fri, 12 Feb 2021 13:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 15:25:07 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
189 B 13ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=739409679&t=pageview&_s=1&dl=http%3A%2F%2Fclevelandbanner.com%2F&ul=en-us&de=UTF-8&dt=The%20Cleveland%20Daily%20Banner&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAUABAAAAAC~&jid=302642215&gjid=1375366921&cid=371801343.1613140213&tid=UA-10334581-3&_gid=1258528935.1613140216&_r=1&gtm=2ou230&z=72095933

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 14:30:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://clevelandbanner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=739409679&t=pageview&_s=1&dl=http%3A%2F%2Fclevelandbanner.com%2F&ul=en-us&de=UTF-8&dt=The%20Cleveland%20Daily%20Banner&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAUABAAAAAC~&jid=1815473889&gjid=1687341282&cid=371801343.1613140213&tid=UA-100898595-36&_gid=1258528935.1613140216&_r=1&gtm=2ou230&z=60940571

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 14:30:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://clevelandbanner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/ Frame 1300 0
0 107ms
106ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:16 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK ga.js Show response
myvilight.com/scripts/ Frame C60E 374 B
587 B 123ms
122ms Script
text/javascript 51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/7.2.34
Resource Hash: ffd749310c36a26166910b64a0657a98a14aeb143af94d9381e35849d4c9166d

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:16 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/ Frame C60E 0
0 109ms
109ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:16 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK ga.js Show response
myvilight.com/scripts/ Frame 02FE 374 B
587 B 132ms
120ms Script
text/javascript 51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/7.2.34
Resource Hash: ffd749310c36a26166910b64a0657a98a14aeb143af94d9381e35849d4c9166d

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:16 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/ Frame 02FE 0
0 92ms
92ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:16 GMT
Server: nginx/1.17.6
Connection: close
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK ga.js Show response
myvilight.com/scripts/ Frame AB36 374 B
587 B 119ms
119ms Script
text/javascript 51.38.153.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.38.153.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ip33.ip-51-38-153.eu
Software: nginx/1.12.2 / PHP/7.2.34
Resource Hash: ffd749310c36a26166910b64a0657a98a14aeb143af94d9381e35849d4c9166d

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:30:16 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/ Frame AB36 0
0 95ms
95ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/e3f3a08fbbe7ad3c21d0d21d11f3afee/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:16 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/ Frame 02FE 0
0 98ms
98ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:16 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 1300 46 KB
18 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: myvilight.com
URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3909
date: Fri, 12 Feb 2021 13:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 15:25:07 GMT

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/ Frame C60E 0
0 96ms
96ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:16 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 403
Forbidden invoke.js
evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/ Frame AB36 0
0 108ms
107ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://evzhzppj5kel.com/33ef8aceaac0b182d986e21532731062/invoke.js
Requested by: Host: myvilight.com
URL: https://myvilight.com/adsbanner.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Feb 2021 14:30:16 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 02FE 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: myvilight.com
URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3909
date: Fri, 12 Feb 2021 13:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 15:25:07 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame C60E 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: myvilight.com
URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3909
date: Fri, 12 Feb 2021 13:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 15:25:07 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame AB36 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: myvilight.com
URL: https://myvilight.com/scripts/ga.js?link=aHR0cDovL2NsZXZlbGFuZGJhbm5lci5jb20v

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myvilight.com/adsbanner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3909
date: Fri, 12 Feb 2021 13:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 15:25:07 GMT

GET
H2

200

pd Show response
eu-u.openx.net/w/1.0/ Frame CF28
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77

1007 B
881 B

31ms
31ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
Requested by: Host: pittpostgazette-d.openx.net
URL: http://pittpostgazette-d.openx.net/w/1.0/jstag?nc=6785150-BENN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: c46c33c16a0b34b6a08e6c14fefc3ba076a524e0fea29478b0a3f22294a86cf9

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://clevelandbanner.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=41c68253-4ff1-0233-00b7-2be7b699d988|1613140216
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://clevelandbanner.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=41c68253-4ff1-0233-00b7-2be7b699d988|1613140216; Version=1; Expires=Sat, 12-Feb-2022 14:30:16 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1613140216|mOgegqnskin0vNomiygu; Version=1; Expires=Sat, 27-Feb-2021 14:30:16 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.202.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 12 Feb 2021 14:30:16 GMT
content-type: text/html
content-length: 546
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=41c68253-4ff1-0233-00b7-2be7b699d988|1613140216; Version=1; Expires=Sat, 12-Feb-2022 14:30:16 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.202.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
date: Fri, 12 Feb 2021 14:30:16 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 62ms
47ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021020901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0a86d30c9d52787347026381f6e4d6b8dafdfa38d577df7bfe061dc1aab0e56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 14:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6381
x-xss-protection: 0

GET
H2 200 06addb4e-76da-af8d-6bb6-f5fa2de9273c
pr-bh.ybp.yahoo.com/sync/openx/ Frame CF28 43 B
836 B 99ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/06addb4e-76da-af8d-6bb6-f5fa2de9273c?gdpr=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:30:16 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame CF28
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=hQPKeFGs1LazsA5

43 B
106 B

25ms
23ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=hQPKeFGs1LazsA5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 14:30:16 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 14:30:15 GMT
Server: PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-05a1c1cf6bbf9fe9a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=hQPKeFGs1LazsA5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame CF28
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx
https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx
https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=3c73082c-3760-4bd9-87d1-3bfa9067d3b9&ssp=openx
https://us-u.openx.net/w/1.0/sd?id=537072968&val=6460e3c3-ac4a-41c1-a626-e1b71dbb8715

43 B
106 B

22ms
21ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=6460e3c3-ac4a-41c1-a626-e1b71dbb8715
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 14:30:16 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=6460e3c3-ac4a-41c1-a626-e1b71dbb8715
date: Fri, 12 Feb 2021 14:30:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame CF28
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAHrrk7ATSIAABAw5bJB7g

43 B
106 B

26ms
26ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAHrrk7ATSIAABAw5bJB7g
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 14:30:16 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAHrrk7ATSIAABAw5bJB7g
Date: Fri, 12 Feb 2021 14:30:16 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame CF28
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2e2e6026-90f7-4b00-b9ce-34fecb95d3c2

43 B
106 B

23ms
23ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2e2e6026-90f7-4b00-b9ce-34fecb95d3c2
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 14:30:16 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Fri, 12 Feb 2021 14:30:12 GMT
Server: MT3 3518 2f03077 master zrh-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=2e2e6026-90f7-4b00-b9ce-34fecb95d3c2
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 12 Feb 2021 14:30:11 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame CF28
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=_031XPBNoVLkSaJSrR7qU_8cpFzkT_9S-xmG5RYQ

43 B
180 B

23ms
22ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=_031XPBNoVLkSaJSrR7qU_8cpFzkT_9S-xmG5RYQ
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 14:30:16 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 14:30:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=_031XPBNoVLkSaJSrR7qU_8cpFzkT_9S-xmG5RYQ
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame CF28
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=673686563918492071

43 B
106 B

21ms
21ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=673686563918492071
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 14:30:16 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 14:30:16 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=673686563918492071
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame CF28 70 B
265 B 90ms
29ms Image
image/gif 54.72.237.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=926abd0a-e676-3dc4-5a61-e30fd2beea75&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.237.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-237-129.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 14:30:16 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame CF28 170 B
243 B 44ms
19ms Image
image/png 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YmUwNTZlYzAtMmYwMS02MzYwLTRmODEtYjliNjE4NWMyNDE1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 14:30:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame CF28
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMkgbkMNOpTfSOntCEodxb8&google_cver=1

43 B
106 B

23ms
23ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMkgbkMNOpTfSOntCEodxb8&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=2968c969-f170-4578-9198-942acd4c7a77
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 14:30:16 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 14:30:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMkgbkMNOpTfSOntCEodxb8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 12 Feb 2021 14:30:16 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 8E98 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://clevelandbanner.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://clevelandbanner.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 12 Feb 2021 14:02:15 GMT
expires: Sat, 12 Feb 2022 14:02:15 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1681
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js Show response
pagead2.googlesyndication.com/bg/ Frame 8E98 14 KB
7 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 12:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 7249
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6290
x-xss-protection: 0
expires: Sat, 12 Feb 2022 12:29:27 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 41ms
41ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021020901&jk=4265189291291104&bg=!tbaltvXNAAWP4B5EjzsAKQB2-DxaoU0MYMQs12hTg_UgpGe2-nbVeeyxQBmsKSQg3yjXQuGyKSNLAgAAAEdSAAAADGgBBwoBC1YM1FgsGx7pxUmJztuVoaOTJnZIj_wehKJ4GBIa6gcY-C1wddEzx35RybHDHpZpiD6yBcnQQbnvU3sWI1xEPlTyD775ABHRYBVv-DMOnw0mqesEi3hC7AFY-3ZFxwg59GNTbJP6bOwJ8Bq5nA816oXHM9lAaiyqW05F92xffFsyqeT0AZNjNZrBrkqU1Zi_P8CcSMMTkp2Xg7kWlznaczjGJzoK1yJi5jE4Ky37ubF9NwcrYfw_bC0Ys2kxX2htSJu7T7ulyEtqtXqaVx_wwysebj9yFjF0oca7cXZAFxHAw9lZSiFZzxhggEglo4QXSNJqC770UPKfPAxoGGxikXUsq-6KFFP0xIi7PZkB4G7SCAMDovoCLZcuB8w9D_2_9nic9t7YGM1pm094WVeuG-dL2wRFQh0f9iuZUYicxtvH-3-urqS1EK-6wBXF-rK3FVGLqBpBvF4JHcWhlVuoS8f6EPNwlgLd59YhtMdDWT3y5kCgGGpcsEBjXiSI_vrnDe7Y5SyP_7cM_K0xGyI-_R853YNReo404ILt_d0aGNwGdfaFhtZBDiDQ8NOc6Ej7Q4NV54O4I6pB1nSg8D399iYnMSP27emyIKT2ekY6oq0bW2ZUI2NuBGJ-XMIh8PFIphrOQQQnnMPGpBdfjf_JONJxBPg4bJAkddAmWELP9NIvEGmE6cE9n0LfNY20Sa8czGh5DwJIhVhYr6x7dZA6OmCDSwbDLTmKbJUyuFcWIuvz1kDMt-WhsgfjofYFNrq7PD66i7oDRQamX0D5yzDMFUUSVpf8hztDXTb4ocjiLs2UtMCM-Y_8yx9bbDgFF2sZ5gyJOskIOn5IgaBZDznSzBOqDXINf5wVdxAaid3XvNpIUvnf2np6UMPzwe6ZKBHDISoiWUraUV55GsjjFvy8m6bjpqn4nianHeNGsfv2M0s4jIHiwpl0kDqcr-vLzQG4k_m20q-dyPNK-erMLw13cV1-f741EteDsugoKJSUfQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://clevelandbanner.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 14:30:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.clevelandbanner.com/	1970-01-19 16:05:40	Name: _gat_gtag_UA_10334581_3 Value: 1
.clevelandbanner.com/	1970-01-20 01:27:16	Name: __gads Value: ID=b668fa2fc32b9ccb-22d72aca72ba00d1:T=1613140214:S=ALNI_MZkHKEaHAn5uZaBobQINZu7Lb5XMQ
.clevelandbanner.com/	1970-01-20 09:36:52	Name: _ga_YX9ZNSCVQ5 Value: GS1.1.1613140213.1.0.1613140213.0
.clevelandbanner.com/	1970-01-19 16:07:06	Name: _gid Value: GA1.2.1258528935.1613140216
.clevelandbanner.com/	1970-01-20 09:36:52	Name: _ga Value: GA1.2.371801343.1613140213
.clevelandbanner.com/	1970-01-19 16:05:40	Name: _gat_gtag_UA_100898595_36 Value: 1
clevelandbanner.com/	1970-01-19 16:05:41	Name: OX_sd Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	info	URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 http://clevelandbanner.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1d88ee981152b4f856f046052194ba86.safeframe.googlesyndication.com
ads.programattik.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
bit.ly
c1.adform.net
cdbbanners.creativecirclemedia.com
cdn.ampproject.org
cdn3.creativecirclemedia.com
clevelandbanner.com
clevelandbanner.mycapture.com
cloud.webtype.com
cm.g.doubleclick.net
connect.facebook.net
eu-u.openx.net
evzhzppj5kel.com
fonts.googleapis.com
fonts.gstatic.com
forecast.weather.gov
match.adsrvr.org
match.prod.bidr.io
maxcdn.bootstrapcdn.com
myvilight.com
netdna.bootstrapcdn.com
pagead2.googlesyndication.com
pittpostgazette-d.openx.net
pixel.quantserve.com
pls.webtype.com
pm.w55c.net
pr-bh.ybp.yahoo.com
securepubads.g.doubleclick.net
sync.mathtag.com
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
142.250.185.130
142.250.74.194
185.29.133.58
192.243.59.12
199.19.89.20
2001:4de0:ac19::1:b:1b
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1288:110:c305::8000
2a00:1450:4001:800::2008
2a00:1450:4001:800::200e
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::200a
2a02:26f0:7100:48f::116
2a03:2880:f02d:12:face:b00c:0:3
3.121.66.166
34.98.64.218
35.210.215.44
37.157.2.238
51.38.153.33
52.215.8.160
52.57.110.162
54.72.237.129
65.52.62.25
65.61.154.201
65.61.154.205
65.61.154.7
67.199.248.11
93.184.220.41
0105169eaa1ee42fe8e8f602c50dbf7fb39ad1101cadb6b9de8c935dad5c8c18
01fdcffdb961afd174ae4d554634b79d2cd49c48b887931d50360395cb9eea50
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04acdd47f7b8985ef1f45444c3c7a1b66d5a49199e98ebf63296b3041ed5946e
05b783092d6204f8fbf9a475cfe42b7f9a74646179c09ef0fc10816c4b3fc2b1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
12161762cb3b9702a4d0e363448925e3dc524d597461e95d57bb1712e2b45156
1522c26a2e913c2c95ab3b1f37543a2ce2d7815e932dc90179c992c233b1e05f
177cec70eaaf081fe396cbc701e70d8b4877ca9c11b9a27d0326b570788c3e91
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
22559ea2fc95447b0bf7e92dc3b0fa1034d07a94d0b38d1012bf1b83929f4725
271c04de06321f9ee9d97594625a878fdbb70f5743677ddacf5e26fbe407d69b
2e6420bc257419fc4223fe8ead75bd7f7413bba3d66d8a442485b6e6b6b6462c
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a16ffb5a2364abc45e9985922cc90eb2c88eaba8ff04d787aac6d159f753b8
39ab63cbba0abd710fb36a6cd75899ff0377db09fdbf22811ea2a81bc68e7398
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3f360dd277935883787d85e8cd0f12ce9bd649254f20a4e636d0459801a07706
475795c0646dad562e6217fe9051734dd8fc4c515a6980159a83e4a8c487852c
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
47c026dd7dd8838eed14aa9a32224e0e2c073e692e09041e01bc3f8e7d82be21
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b754e891aa792e29fe2aece30781ecbc2e9e41be20c9e2e8816a661cccf1e0
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a70527d6815bfd9e932ac563c54ab05883a04dca84845a93f1e96262b25c8d0
4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265
4cc79d37628533db9f01078ed792a51deb0444806039aeeec84a2e4d0bf8ba2e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335
55653cb14a8c17cb3d9fcbe927054ed267bbd723dde6f0533bb354ad42968fe0
56aad63cd4ceef659e3293c2d11e01b32143afe3619e4f2fe2dcec4d8d85676b
5b4aace3b031822fa0ad5e96680d791ed330ed6f5a1a8ef70f1a4cd177ddc4e3
680335de10fe346de0ab9ae11dcef52fd921f16a396dcc8d30b9aed1b50eee0d
69c66d6196a426c117faa271fe7ca174290933998880f77a085d97e5e71fc94f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07
700d1d900f10d454a72ce90127520d4ecbbc35725e63b2b2fe9a46e9c9d3fc02
725878135dca85f052c5f07a8b36ff56eda9cc82bfdc812c6c413f8fdc29142b
75f54ae8fe3e6b6e165cb43a3955382a6e1645108eb0961e124cf151357ebdf1
76d672e05f0854834106c02d46707ef9b3b5798c97574ca113a65bb37ca0d1a0
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
7c777e4d16edd0b7e2a5ee7b7db6efbe0f22a48d19de6ecfe1e8d49022427472
7f2f89dbe1c99a8ad3a888ded6ece46fbebaf0c110e2ff90924733158a8c3ef9
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
807139fb6f5e64f8d0328cef877c6a0af012114e7df75b09ccd285e6ac89448a
82cdca259b5668462388db9b992b0266b357cf521217fcd26b5a15c9fc4e2e7a
8882dff51d6502a930da2bd18ee29bb20ae2aa885645f17279d08a76c974dc54
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
8bd2b19ea8be4f644cbfe7957fce3e0904ffa64dd48d9d969cc1405a15bbaad4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ef9484c7cd583164801fede431f39955d45e80ea8f75f7eef41512436033eac
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
9445d8c51bf4e3af85cd8cd74df62ceb5db784fe8b2b4fdf72f2bdf92cf1312f
992cd2739bcbf052e85110230436ef33fcfb0350971aea86a750aed761fd8b54
9ab3ffbe59c8ca2dd075afbe442ca125f9dddd6913b87b527c9e1324def5b9dd
9b5bbb298c987bc1aea902c81f1de209b2ba8b9cf3bb742b65763cb15a017214
9b73d9fed70a072620c4f95d4177c84cafa09956a3b2ac905707e0f2c126f0cf
a0be9ad9c48a6a11fe00f2154eb1d9b9974e2bcf1135060cce8f749872d24d65
a79488a8cd9e6fc4688aa01a580569edc1557b4581f0bda01170b0813d2bd922
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
af6ba834b05f0a5d839f93f7f20aa9bfb6b4fabf85b2564e400dea0fc31aba83
b181147b4151281d4bb16bff5d4b107604feb0ad2cedeca97a0081831a2fb091
b1b9f8e1c80a3b405336eb694d102d3872f5cf779716fda8f966940e3e18715a
b25fcea44aa5a24b51dc412915d226ab5a0e3806608e3b91a4604c6aab356162
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b50ca19dd09a9f4e38e24530b4ad66c362c95bbe7fdd24a249331d5283671158
b586c047cd9c494ca38b2330cc39e1e0dedfa4bd5c3f1edfdfa106c0a48d0a9c
b5d7addc966a1581a3048484390572ae377fed3818dba228fbf9a56e79fc207f
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf
bc9394f3b24dad8dcecdfde52e11aa855e374cecb757254d4a851bbbfb4beddf
bd132ded767e06ae6fe12498941439f0393f4c16a21aa908d1490a855c4bfe77
c46c33c16a0b34b6a08e6c14fefc3ba076a524e0fea29478b0a3f22294a86cf9
ced22a368637e3972b51598627a8e9ab3db15342077a736c2a9e308c5925c4d1
cfe99241592c5ca86a6f192758cbb954016867517ada1618ac0acf0e97caa60e
d2b13ee812188a64ef574ee912eaea945b1ae2a5a54b413e2fdfda94a7a58d09
d83af80bf38cb7a45aa73c74eb3fce98bf4639196c4e44d7741f23316e6a3464
d93adb87fd6379232f9f5ff91123cea89cedb33d368d0c2a7a2133489194f766
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
db2c430173d1d0dced267011ff485c52b7a6842852d2dde9d7a240c4ddd6e536
dccd14d9e0cbc00f15b7d91955706347134d6af0266822e3b88c8994870e92f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a86d30c9d52787347026381f6e4d6b8dafdfa38d577df7bfe061dc1aab0e56
f14ccb5161217d407100cf3df9fe7973cb34b76966c16090827512945cd56655
f235eae8c2e4d82eb79c49f81db2fcd71ce1e1abffa58476ba64757d49310631
f5ec908bb612f86db2cbd15f581d07998570de851e08df342bbd6bb120305f1b
fe06919c870e862d8dd797f57ae519ec60c152bc5a30206b3220b98068848f1e
ffd749310c36a26166910b64a0657a98a14aeb143af94d9381e35849d4c9166d

clevelandbanner.com Open in urlscan Pro 65.61.154.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

206 Requests

84 %HTTPS

49 %IPv6

30 Domains

39 Subdomains

30 IPs

8 Countries

3003 kBTransfer

4857 kBSize

7 Cookies

28 Outgoing links

Redirected requests

206 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

clevelandbanner.com Open in urlscan Pro
65.61.154.7 Public Scan

Screenshot
Live screenshot

Full Image

206
Requests

84 %
HTTPS

49 %
IPv6

30
Domains

39
Subdomains

30
IPs

8
Countries

3003 kB
Transfer

4857 kB
Size

7
Cookies

206 HTTP transactions
2 data transactions