s.yam.com Open in urlscan Pro
52.187.123.178  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://s.yam.com/wlf5p HTTP 302
   https://s.yam.com/wlf5p HTTP 302
   https://s.yam.com/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

• https://img.yamedia.tw/2021/share/500_104.png HTTP 302
• https://yamedia.yam.com/2021/share/500_104.png

Request Chain 3

• https://img.yamedia.tw/2021/share/loading.gif HTTP 302
• https://yamedia.yam.com/2021/share/loading.gif

Request Chain 4

• https://img.yamedia.tw/2022/share/ad1.jpg HTTP 302
• https://yamedia.yam.com/2022/share/ad1.jpg

Request Chain 29

• https://googleads.g.doubleclick.net/pagead/adview?ai=CCbx9U7jgZNj6O_TRzLUP-8u4-ArQld2Actqd94GuEeSCu_uaAhABIMzdhyFgycapi8Ck2A-gAcPU8-UDyAEJqAMByAPLBKoEvQFP0Cas2AlM5QkyjI_WgZ_vb5vLbNKf_r8TSffxTZfZ6b_bGScwiQnNr-RojZoEoFmhFR5j05MUNV_Gh6Rz4zUSK-cQeMxBbPRDkOGFUizTO9aNyLcCL_zlYGJiAD9lXbMaTVkmdsmINLChGl4gW2M1x6osGmUls1Eyxw6yFth-QYanPczemmi2OPtUKLxWkNMEZBRT2BEsRKm1RgLshoTQWkqAa8YkyBAnNX_94CwMxOoDwQf37R5iKqhSHvnABOCgm6-5BJIFBAgEGAGSBQQIBRgEoAYugAev5fk8qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQvpcR0ggUCIBhEAEYHzICigI6AoBASL39wTqaCT1odHRwczovL3d3dy5uaWtlLmNvbS9yZXRhaWwvP2NwPTM3ODM5NDAwNjIwX2FkXyZnY2xzcmM9YXcuZHMmgAoByAsBmAzO1tXOpwTaDBAKChDwrKz2ssP71jYSAgEDuBODBNgTDtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yNjc1MDM3Mjk2ODUzOTY4GAA&sigh=ihPs8bJDnJs&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJW65sbBtdvyIC13JwJutHCnxZpkTzNNxgB&template_id=515&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x75f15b3bc46581c20000000000000000%22,%222%22:%220x22b4f5c095c0de570000000000000000%22,%225%22:%220x87085d6a692811f90000000000000000%22},%22debug_key%22:%2213061708134397107474%22,%22debug_reporting%22:true,%22destination%22:%22https://nike.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221019013699%22],%224%22:[%2208-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228330870953737313905%22}&andc=true

Request Chain 33

• https://sb.scorecardresearch.com/cs/38111965/beacon.js HTTP 302
• https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 36

• https://sb.scorecardresearch.com/b?c1=2&c2=38111965&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1692448852818&ns_c=UTF-8&c7=https%3A%2F%2Fs.yam.com%2F&c8=Short%20URL%20-%20%E7%BE%8A%E9%9B%AA%E5%85%92%20-%20yamShare%20%7C%E8%95%83%E8%96%AF%E8%97%A4&c9= HTTP 302
• https://sb.scorecardresearch.com/b2?c1=2&c2=38111965&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1692448852818&ns_c=UTF-8&c7=https%3A%2F%2Fs.yam.com%2F&c8=Short%20URL%20-%20%E7%BE%8A%E9%9B%AA%E5%85%92%20-%20yamShare%20%7C%E8%95%83%E8%96%AF%E8%97%A4&c9=

Request Chain 82

• https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECAlt1s8wyV85ZQp7bONjHI&google_cver=1&google_push=AXcoOmTX9V1yr_gwwdR9cwefGn9oQGlZ_0SIL6UhNv04LrZ8-EPInkWwyHQgmUwuf1q6yb2yH5YP0HZoAQMarfzrQvc81HD9SQNa HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTX9V1yr_gwwdR9cwefGn9oQGlZ_0SIL6UhNv04LrZ8-EPInkWwyHQgmUwuf1q6yb2yH5YP0HZoAQMarfzrQvc81HD9SQNa

Request Chain 83

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOb6sJupBAa2daNSEHDr654&google_cver=1&google_push=AXcoOmSB20dQzBok_VVXSS9Xbai9_meGcsP2MGrhkMWZDOOEmh8D-vjEmZZ3mjmk5a4SEgP8kJJ9maNHhjlezKFe3ueWuD7bvZ5PZQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOb6sJupBAa2daNSEHDr654&google_push=AXcoOmSB20dQzBok_VVXSS9Xbai9_meGcsP2MGrhkMWZDOOEmh8D-vjEmZZ3mjmk5a4SEgP8kJJ9maNHhjlezKFe3ueWuD7bvZ5PZQ

Request Chain 84

• https://fksnk.com/cs/google?google_gid=CAESEPp_3TC9W9e5Ofb9KbM_uHQ&google_cver=1&google_push=AXcoOmS53rC5nu8MLpEhXsPhEWl1PSntOCDYwWAy7ElctV4wXwCi4aru1R6m8AwkTg5SpIupSIFcuTA0ETspNTfjgfyxrFtSAmWOgA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MUU0QjUzRkU2OEYzMTNDOA==

Request Chain 85

• https://ads.travelaudience.com/google_pixel?google_gid=CAESEOTbocahcHrbrvvQUPBdh6E&google_cver=1&google_push=AXcoOmSRR6B9oosahycpTZmCf6K5gWmPh9JY6gZ5-BE67fDUreMNGdBQRaQ4jXjiyKDcFfzJFPQqE1B35yMo9RYauNjMHkwqkjRwdQ HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=eJY9w2d8Qj-2sO-J-ohqwA2&google_push=AXcoOmSRR6B9oosahycpTZmCf6K5gWmPh9JY6gZ5-BE67fDUreMNGdBQRaQ4jXjiyKDcFfzJFPQqE1B35yMo9RYauNjMHkwqkjRwdQ

Request Chain 86

• https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESECvhmInjNP9IOAel2-RP6wo&google_cver=1&google_push=AXcoOmRFgJrmnobfoW1_-7Y_eV2AFrnTeOnBbn-uf__XxOiMFpk66b66ePnODJluzf0T1mskhKBTFfx6Vkew5ZwV8SqTl9spFRdTG4Q HTTP 302
• https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESECvhmInjNP9IOAel2-RP6wo&google_cver=1&google_push=AXcoOmRFgJrmnobfoW1_-7Y_eV2AFrnTeOnBbn-uf__XxOiMFpk66b66ePnODJluzf0T1mskhKBTFfx6Vkew5ZwV8SqTl9spFRdTG4Q HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=EB9odjhuSleAhhwFWWbKxg==&no_redirect=1&google_push=AXcoOmRFgJrmnobfoW1_-7Y_eV2AFrnTeOnBbn-uf__XxOiMFpk66b66ePnODJluzf0T1mskhKBTFfx6Vkew5ZwV8SqTl9spFRdTG4Q

Request Chain 87

• https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEOT8PODY0D91XJez2KUXbB8&google_cver=1&google_push=AXcoOmSLld5VLvtIY2Adbr7zwP0Kf9Fps0zNqgmW4_uE81kVftTbYmJs6EVFUjQ8BWTzsHZyG68ee5WxycU5SVzOOYBZ_kcnNnlo36k HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSLld5VLvtIY2Adbr7zwP0Kf9Fps0zNqgmW4_uE81kVftTbYmJs6EVFUjQ8BWTzsHZyG68ee5WxycU5SVzOOYBZ_kcnNnlo36k&google_hm=kt1Zf-0ETNmqIS0erYyWE4Y

Request Chain 88

• https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESECqb1oH_opO7fYieQ1-UF30&google_cver=1&google_push=AXcoOmSvtKXNYUn9yypXI4jE_bFmrtq8cpiaCBwSPRsCDmY4nMbXLb-Eu9oOKudwSOwzrM_iXNap5RewQlPy9etKy98OPWy6gwnK7e4 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=pr_PXzI2ZEWqnUe7viwpRw&google_push=AXcoOmSvtKXNYUn9yypXI4jE_bFmrtq8cpiaCBwSPRsCDmY4nMbXLb-Eu9oOKudwSOwzrM_iXNap5RewQlPy9etKy98OPWy6gwnK7e4

Request Chain 93

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNSid4kKcTZsk9W3VHQ9Q8&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNSid4kKcTZsk9W3VHQ9Q8&google_cver=1&C=1

Request Chain 94

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOC4VmlLTxq0EnafqmHWCwAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNSid4kKcTZsk9W3VHQ9Q8&google_cver=1

Request Chain 95

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEJI9cK-YfjJyRUia23a70vM&google_cver=1

Request Chain 96

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2NDYyNzg3NzYyNTAxMjU5Mg%3D%3D

Request Chain 114

• https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEMHXbg-3oBQxOE_QSXE5KLQ&google_cver=1&google_push=AXcoOmSKYIqFM87-G4rNPxSOP471s7aIu3VaMTZ_VQxGD2rjXHm6mwbgD1MF2v32sNhEZoQTb8c2EvnIzWZ2hAXyrwIk0ja3PrJNCQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSKYIqFM87-G4rNPxSOP471s7aIu3VaMTZ_VQxGD2rjXHm6mwbgD1MF2v32sNhEZoQTb8c2EvnIzWZ2hAXyrwIk0ja3PrJNCQ

Request Chain 115

• https://fksnk.com/cs/google?google_gid=CAESEPp_3TC9W9e5Ofb9KbM_uHQ&google_cver=1&google_push=AXcoOmS-yh_BxniA6B3q51I2jmG-kR-Pd9j6oNzaheeJ_nJy8xBXq2W_QaavlFgb9Q1xjYPAgOYun_aa1HCeqKNAcpDaeVxukQfl HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MUU0QjUzRkU2OEYzMTNDOA==

Request Chain 116

• https://ums.acuityplatform.com/tum?umid=4&uid=CAESEILFgQq2gcZ2bYYZgRzEPnY&google_cver=1&google_push=AXcoOmT4MTFah6KlUKwc_CAU1al22MCybNYM3STNcXzn1X-bUveOhQ_yQtWogT7pHG4gxYXLJer8f8QlSgoHooe8A_t07NxG9sbeoA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=815790472113

Request Chain 117

• https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENLGXlIE2QQ37E-DbASM4wQ&google_cver=1&google_push=AXcoOmRpFK0PSAKVeACcaCU5147iN4gCXD2Ozsz4wcv8taQknIYM6dB7Kwl5pY5cKr_VoVienERGMb9kEh9INqsMm1nJBLz3j1SbNA HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENLGXlIE2QQ37E-DbASM4wQ&google_cver=1&google_push=AXcoOmRpFK0PSAKVeACcaCU5147iN4gCXD2Ozsz4wcv8taQknIYM6dB7Kwl5pY5cKr_VoVienERGMb9kEh9INqsMm1nJBLz3j1SbNA HTTP 302
• https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent= HTTP 302
• https://x.bidswitch.net/sync?dsp_id=119&user_id=969188718339196429&expires=30&ssp=google HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRpFK0PSAKVeACcaCU5147iN4gCXD2Ozsz4wcv8taQknIYM6dB7Kwl5pY5cKr_VoVienERGMb9kEh9INqsMm1nJBLz3j1SbNA&google_hm=CK2pxqBLRuqSFDfRrqCVJQ==

Request Chain 118

• https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHHvv9MpL57J09mVJ_r7JZw&google_cver=1&google_push=AXcoOmQ8QNQh_R040wXJKhK5dGtKlsxCoJlPSzAlbCl7sd3ueFbK7Z1gw2zqUDlLSZXrLsAuXEzPSD4jTWzOpwhzHDQMlwCDXvmfWw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=TsQVy5XhU41iMArRnN9PSgW16oY&google_push=AXcoOmQ8QNQh_R040wXJKhK5dGtKlsxCoJlPSzAlbCl7sd3ueFbK7Z1gw2zqUDlLSZXrLsAuXEzPSD4jTWzOpwhzHDQMlwCDXvmfWw

Request Chain 119

• https://trace.mediago.io/cs/google?google_gid=CAESEMT6xYthg6e3CtPe_mh3Osw&google_cver=1&google_push=AXcoOmQJJBUzmVBASjs9nYYBhYJYOp44fHzMUZFOeXriSRMSGQnjUnHoRyAcqdSqCP5RrVFuz9ykTj4LeTVmpjPl40touAcu7QKKFw8 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQJJBUzmVBASjs9nYYBhYJYOp44fHzMUZFOeXriSRMSGQnjUnHoRyAcqdSqCP5RrVFuz9ykTj4LeTVmpjPl40touAcu7QKKFw8&google_hm=907a809f16bf23a6344ea343335e3c4b

Request Chain 121

• https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHvxv2meAbW9bubkPX172ig&google_cver=1&google_push=AXcoOmSkdaMaN5FmcHG63cw1wQSEyF5QO9WcxTYb7BdtTBaSNz7V5A1OEbcz7hqP7n8ULuTX_TtLacukgvzBrNP_3ERLqZPUggiQf70 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzgyMDUzMTc2MjcxOTg3NjU4Ng==&gdpr=&gdpr_consent= HTTP 302
• https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHvxv2meAbW9bubkPX172ig&google_cver=1

Request Chain 122

• https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECAlt1s8wyV85ZQp7bONjHI&google_cver=1&google_push=AXcoOmQT-zzw4eYn6aHVvYBeUhdjhd-xkfXTqx15C7FlOmDaZu8Az2khwkAmmH65PQwYYN6ESyW82tSA-ts-noBIYYEt0fDQ1JpfmE4 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mvRk4LhWSgCmbJ6c36LXCA&google_push=AXcoOmQT-zzw4eYn6aHVvYBeUhdjhd-xkfXTqx15C7FlOmDaZu8Az2khwkAmmH65PQwYYN6ESyW82tSA-ts-noBIYYEt0fDQ1JpfmE4

Request Chain 125

• https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESELDzGjYOES2boxakbW5cqHc&google_cver=1&google_push=AXcoOmSpi0thxqT4J7CsPWMeXD7LdEHYe5wVeT9Zj0MabODLNW78ftAVG-mKOEulYQ6IpWP9fH8LIp5oZfSywjEmC2Qad1mxJpFs0gY HTTP 302
• https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESELDzGjYOES2boxakbW5cqHc&google_push=AXcoOmSpi0thxqT4J7CsPWMeXD7LdEHYe5wVeT9Zj0MabODLNW78ftAVG-mKOEulYQ6IpWP9fH8LIp5oZfSywjEmC2Qad1mxJpFs0gY&s=2 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSpi0thxqT4J7CsPWMeXD7LdEHYe5wVeT9Zj0MabODLNW78ftAVG-mKOEulYQ6IpWP9fH8LIp5oZfSywjEmC2Qad1mxJpFs0gY&google_hm=X2EzSnJ4Ui1DU1pMaW9haXVKV04=

Request Chain 126

• https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEPkIVbeGZX9vHlNXqjcpkF4&google_cver=1&google_push=AXcoOmTOA4bJaPcZmu3E7xdywS-tD_BKjfh5H9l0jcFNHrK9_OuU1H6A61Ln-Lii7Nz6DSmeG0H8HRlo4Cc6me2larc4WQLd64e25ie6 HTTP 302
• https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEPkIVbeGZX9vHlNXqjcpkF4%26google_cver%3D1%26google_push%3DAXcoOmTOA4bJaPcZmu3E7xdywS-tD_BKjfh5H9l0jcFNHrK9_OuU1H6A61Ln-Lii7Nz6DSmeG0H8HRlo4Cc6me2larc4WQLd64e25ie6 HTTP 302
• https://rtb2-useast.e-volution.ai/sync?adkuid=A6214146106271799771&exchange=193&google_gid=CAESEPkIVbeGZX9vHlNXqjcpkF4&google_cver=1&google_push=AXcoOmTOA4bJaPcZmu3E7xdywS-tD_BKjfh5H9l0jcFNHrK9_OuU1H6A61Ln-Lii7Nz6DSmeG0H8HRlo4Cc6me2larc4WQLd64e25ie6 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTYyMTQxNDYxMDYyNzE3OTk3NzE&google_push=AXcoOmTOA4bJaPcZmu3E7xdywS-tD_BKjfh5H9l0jcFNHrK9_OuU1H6A61Ln-Lii7Nz6DSmeG0H8HRlo4Cc6me2larc4WQLd64e25ie6

Request Chain 127

• https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmSNytrnXJmbUjwrgcUeFrchVfnjWF5stkB1EkQPB_NBpCKmWyfP1wBgnJHGrGeppbfJKSWW_KNCmsEpsZyt3M1ud5WCz3EemuTz&google_gid=CAESENvSv8Jwsf1PdnKjlTbABus&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENvSv8Jwsf1PdnKjlTbABus&google_hm=T1BVMjQxNDAyYmVhMzlmNDQ2OThhZmM1MWNmYTUyZWU1MDk&google_nid=opera_norway_as&google_push=AXcoOmSNytrnXJmbUjwrgcUeFrchVfnjWF5stkB1EkQPB_NBpCKmWyfP1wBgnJHGrGeppbfJKSWW_KNCmsEpsZyt3M1ud5WCz3EemuTz

Request Chain 141

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 144

• https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECjWpZKd0VFAK9_3L2G7GBk&google_cver=1&google_push=AXcoOmR74uIWNdBaLWiwCjGoL6X47sUdemf7w7UEiaJUIMoxcprJBjGPTxwDDHTjGZz-6_tmWaJBxogUg90PlAARaOT03GUClQ24nfQ HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmR74uIWNdBaLWiwCjGoL6X47sUdemf7w7UEiaJUIMoxcprJBjGPTxwDDHTjGZz-6_tmWaJBxogUg90PlAARaOT03GUClQ24nfQ&google_hm=HPNkUjm0ybvIyfKZykyYhw

Request Chain 145

• https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKkDkxUP9GSRYMLtrcpV8XM&google_cver=1&google_push=AXcoOmSgt6mInsE4PVqb5UzfGlHek4uVPMA7b-1JEAy2bu7VSVpPfUNcLBRl5gTX9TsfA7PPIKbtFXbThIdFGXcttvx73kYScgU-lw HTTP 302
• https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=54e5be322e04161a&is_secure=true&networkId=14000&version=1&google_gid=CAESEKkDkxUP9GSRYMLtrcpV8XM&google_cver=1&google_push=AXcoOmSgt6mInsE4PVqb5UzfGlHek4uVPMA7b-1JEAy2bu7VSVpPfUNcLBRl5gTX9TsfA7PPIKbtFXbThIdFGXcttvx73kYScgU-lw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACAnVdsuf22QMwaFJOAAAAAAA&expiration=1692535254&google_cver=1&is_secure=true&google_gid=CAESEKkDkxUP9GSRYMLtrcpV8XM&google_push=AXcoOmSgt6mInsE4PVqb5UzfGlHek4uVPMA7b-1JEAy2bu7VSVpPfUNcLBRl5gTX9TsfA7PPIKbtFXbThIdFGXcttvx73kYScgU-lw

Request Chain 146

• https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECLkx2FjTvcr6tFwnajJ_aU&google_cver=1&google_push=AXcoOmR_oCUb-MN4x-u4MJSkzWfRn3DbbqEUB-vJgXM-Mgw32PVf4Py3llZ40byLgvsd170ma8pSeh1cG-7CwSe74WBWlFN1-pYL1_w HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECLkx2FjTvcr6tFwnajJ_aU&google_cver=1&google_push=AXcoOmR_oCUb-MN4x-u4MJSkzWfRn3DbbqEUB-vJgXM-Mgw32PVf4Py3llZ40byLgvsd170ma8pSeh1cG-7CwSe74WBWlFN1-pYL1_w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cnU3bHlFazUxUXhsZ2E1&google_gid=CAESECLkx2FjTvcr6tFwnajJ_aU&google_cver=1&google_push=AXcoOmR_oCUb-MN4x-u4MJSkzWfRn3DbbqEUB-vJgXM-Mgw32PVf4Py3llZ40byLgvsd170ma8pSeh1cG-7CwSe74WBWlFN1-pYL1_w

Request Chain 147

• https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECAlt1s8wyV85ZQp7bONjHI&google_cver=1&google_push=AXcoOmR0dfZtF7blzVJq_va2duHlPXgvulbT9a4SVieFcoh3jJHGo-qEtVzpQSqJyay_-BlC6eewOW1RYHhlBAXUpWCVt-VrkiqbVaE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mvRk4LhWSgCmbJ6c36LXCA&google_push=AXcoOmR0dfZtF7blzVJq_va2duHlPXgvulbT9a4SVieFcoh3jJHGo-qEtVzpQSqJyay_-BlC6eewOW1RYHhlBAXUpWCVt-VrkiqbVaE

Request Chain 150

• https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESECvhmInjNP9IOAel2-RP6wo&google_cver=1&google_push=AXcoOmSsfS1MAJo8t0A3HlwDQe2AxRiFItraMj21P8_8e6_Wbt6ZZi4vudsssLunabSRm-PTDqgeevBq2DRVVArFzS3DN60SgXsZ6Zi0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=EB9odjhuSleAhhwFWWbKxg==&no_redirect=1&google_push=AXcoOmSsfS1MAJo8t0A3HlwDQe2AxRiFItraMj21P8_8e6_Wbt6ZZi4vudsssLunabSRm-PTDqgeevBq2DRVVArFzS3DN60SgXsZ6Zi0

180 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response s.yam.com/ Redirect Chain http://s.yam.com/wlf5p https://s.yam.com/wlf5p https://s.yam.com/	16 KB 6 KB	240ms 238ms	Document text/html	52.187.123.178 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://s.yam.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 52.187.123.178 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 7c2af55de11380d6fa31bf64534021752aba1addec5c14c09fc7485573a80207 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control private Content-Encoding gzip Content-Length 5342 Content-Type text/html; charset=utf-8 Date Sat, 19 Aug 2023 12:40:49 GMT Server Microsoft-IIS/8.5 Vary Accept-Encoding X-AspNet-Version 4.0.30319 X-AspNetMvc-Version 5.2 X-Powered-By ASP.NET Redirect headers Cache-Control private Content-Length 134 Content-Type text/html; charset=utf-8 Date Sat, 19 Aug 2023 12:40:49 GMT Location https://s.yam.com Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-AspNetMvc-Version 5.2 X-Powered-By ASP.NET
GET H/1.1	200 OK	css s.yam.com/Content/	139 KB 33 KB	477ms 476ms	Stylesheet text/css	52.187.123.178 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://s.yam.com/Content/css?v=9bZ4U4MJi32u47YlBMNLCOC4U2OuPMDfAVvRW05oeZ81 Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 52.187.123.178 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash c76b230a40cb927216612abe80a117c5546ec57111fb6b770d8fe67235815e6d Request headers accept-language en-US,en;q=0.9 Referer https://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Sat, 19 Aug 2023 12:40:50 GMT Content-Encoding gzip Last-Modified Sat, 19 Aug 2023 12:40:50 GMT Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary User-Agent,Accept-Encoding Content-Type text/css; charset=utf-8 Cache-Control public Content-Length 33813 Expires Sun, 18 Aug 2024 12:40:50 GMT
GET		script.js hanalytics.eu/js/	0 0
GET H2	200	500_104.png yamedia.yam.com/2021/share/ Redirect Chain https://img.yamedia.tw/2021/share/500_104.png https://yamedia.yam.com/2021/share/500_104.png	10 KB 10 KB	17ms 16ms	Image image/png	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://yamedia.yam.com/2021/share/500_104.png Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H2 Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7b8b429327917653eb8b6569de614d8e60aaf6cb8012c1d3fb5ae9967636949 Request headers accept-language en-US,en;q=0.9 Referer https://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sat, 19 Aug 2023 12:40:51 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-md5 3wycdh9BS9lBG+JCpucFVA== age 714 cf-polished origSize=15707 content-length 10144 x-ms-lease-state available x-ms-lease-status unlocked cf-bgj imgq:100,h2pri last-modified Tue, 09 Feb 2021 10:04:20 GMT server cloudflare etag "0x8D8CCE211CE3D43" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYBT5hvhyNfVkrDd7XkNKR0iXYdCkgAglL8yGCEVEVQW59buG95OXbbzLFT%2FpC94XKnJKurUDjTvAqfiGOjVvuYHA1CPg%2F4VcemA%2FAOINrCbTenHaA%2FXIlnMZQ0KFfKzIULUYB8MChhCKS6lKA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png x-ms-request-id ad020c0a-401e-0096-2a29-618645000000 cache-control max-age=14400 x-ms-version 2014-02-14 accept-ranges bytes cf-ray 7f9277a8d94719eb-EWR Redirect headers date Sat, 19 Aug 2023 12:40:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cNYK1rlnYS5GutG3s7clxiOHf3r2PPYlotbXZMIevI71VT%2BRwFLnDT%2BI0ucR3Z9rvOYZp7QcILCBoSJWekQY%2B%2BpyOIr668W9SqSS5NZhzimI4e8Bkmfy8A8eL%2F%2BmGPoZb58WfXPyBDJmOYueQ%3D%3D"}],"group":"cf-nel","max_age":604800} location https://yamedia.yam.com/2021/share/500_104.png cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 7f9277a8c9b91a40-EWR alt-svc h3=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	loading.gif yamedia.yam.com/2021/share/ Redirect Chain https://img.yamedia.tw/2021/share/loading.gif https://yamedia.yam.com/2021/share/loading.gif	28 KB 28 KB	18ms 17ms	Image image/gif	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://yamedia.yam.com/2021/share/loading.gif Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H2 Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 59984a7a1117f83f4dd2fbf45b19f07d6b5d0cd7dda1ac676bb9736005290900 Request headers accept-language en-US,en;q=0.9 Referer https://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sat, 19 Aug 2023 12:40:51 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-md5 AlOeK5j89stXWjZ5yAsFUw== age 714 cf-polished origSize=41005 content-length 28534 x-ms-lease-state available x-ms-lease-status unlocked cf-bgj imgq:100,h2pri last-modified Tue, 09 Feb 2021 01:44:21 GMT server cloudflare etag "0x8D8CC9C38BC7AED" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vygEEKzszVhJh2xFnmIHEsRQt5UvFAeuWGlYnwtr49HAQo73AQFdrZsPXr8nVFznS9HDo8bSWEobHl0jCZoKwHMx67w5uGxaTXGK4yxNrRWRqyhvOWZkoy%2B5kPJ4ZUpHgNNLmfh5yGTyGpgoTQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif x-ms-request-id 85375fd3-101e-0022-4129-614a8b000000 cache-control max-age=14400 x-ms-version 2014-02-14 accept-ranges bytes cf-ray 7f9277a8d94619eb-EWR Redirect headers date Sat, 19 Aug 2023 12:40:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sffFDoBP%2FbUgRPUBBY1Lf9%2BuDMQbk0lHcLZO%2Bn70Cr0QyUVt2WaK0JzuVwTOMtUsjIaKrjEHgtxUW30HQAWrKgdYFosICAOxW5wquI%2BxNu2CIT66V3iw255csqgfTuj5MtSEb0ScntRyikqWQ%3D%3D"}],"group":"cf-nel","max_age":604800} location https://yamedia.yam.com/2021/share/loading.gif cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 7f9277a8c9ba1a40-EWR alt-svc h3=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	ad1.jpg yamedia.yam.com/2022/share/ Redirect Chain https://img.yamedia.tw/2022/share/ad1.jpg https://yamedia.yam.com/2022/share/ad1.jpg	46 KB 46 KB	16ms 15ms	Image image/jpeg	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://yamedia.yam.com/2022/share/ad1.jpg Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H2 Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 72beb39c6147fd2c5c9add0edd915aff1c89d348d26b227f672de6bb6dcebd8e Request headers accept-language en-US,en;q=0.9 Referer https://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sat, 19 Aug 2023 12:40:51 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-md5 EIH/dt2XVbdQ4Wu7hC3FDw== age 714 cf-polished origSize=59308 content-length 46596 x-ms-lease-state available x-ms-lease-status unlocked cf-bgj imgq:100,h2pri last-modified Tue, 19 Jul 2022 01:50:51 GMT server cloudflare etag "0x8DA69291C7D2019" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjIUy8b20MJyA5AdmLWntx9yG%2FUqBnv1W3YNYNvsVdugtXWcwstvzJKX9zNok2P4lYYdeOoR2xJroncqVjAhGwDMputPTEU9ToGzoJ7JDEMUQCOfnKJddZIv9FG%2FOqEDyv08M3obWd13k%2FbY5g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg x-ms-request-id fe9de89b-301e-0078-4d29-612c6c000000 cache-control max-age=14400 x-ms-version 2014-02-14 accept-ranges bytes cf-ray 7f9277a8d94519eb-EWR Redirect headers date Sat, 19 Aug 2023 12:40:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6Lk66iM3oV8AiqCDILpDS0n%2BpTaniVzGN%2Fz5RHeC0%2BLHZS4ivp%2FO9xksQ6wh0pLvPUstSHGeWho56ZtbFf%2B2%2BvFtfWPihp3DZBqRF9vrBxzYpY6%2FMk7My2q4%2FQHPnlrptpDl7fpDIMmniDP5Q%3D%3D"}],"group":"cf-nel","max_age":604800} location https://yamedia.yam.com/2022/share/ad1.jpg cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 7f9277a8c9bb1a40-EWR alt-svc h3=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	146 KB 50 KB	62ms 40ms	Script text/javascript	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4834bde53f96a1b4afd3b20aefb3c9648751e4bf6a409e0618e36ba3d1455526 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:51 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50979 x-xss-protection 0 server cafe etag 6113983605573764568 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Sat, 19 Aug 2023 12:40:51 GMT
GET H/1.1	200 OK	default Show response s.yam.com/min/	141 KB 61 KB	1197ms 720ms	Script text/javascript	52.187.123.178 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://s.yam.com/min/default?v=XZQUDHUAffRknvcSQvv8izAVzhjAqUudJ5KeuVE2Xxg1 Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 52.187.123.178 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash bfad1784c489a413b512e4f03923dd6cd991811c5c49263125aa6930196d7f4d Request headers accept-language en-US,en;q=0.9 Referer https://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Sat, 19 Aug 2023 12:40:50 GMT Content-Encoding gzip Last-Modified Sat, 19 Aug 2023 12:40:51 GMT Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary User-Agent,Accept-Encoding Content-Type text/javascript; charset=utf-8 Cache-Control public Content-Length 61682 Expires Sun, 18 Aug 2024 12:40:51 GMT
GET H2	200	ya.js Show response stats.yam.com/	4 KB 2 KB	44ms 13ms	Script application/x-javascript	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stats.yam.com/ya.js Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 618345dbd605e9f5f771324ca1aae652c6e3ee89b452a965193b072492690acb Request headers accept-language en-US,en;q=0.9 Referer https://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:51 GMT content-encoding br cf-cache-status HIT last-modified Mon, 22 Aug 2022 05:47:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 713 etag W/"b8cf4baeeab5d81:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6W%2FVEBPvFZD8Z3ttZ19DaYZz8YSSZ6QaiRvY%2BIpf8q4pUSSbpG6a4Echgu7pfHcpF2X4SqAlf75qI4mTX%2F8zOiXcU%2BFKIstVvFybIFFWdXCiOdKTrKEgpy0OvTHVBJrZaCuno0PbIxz1cH4%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=14400 cf-ray 7f9277a8c93919eb-EWR
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/ Frame 463C	10 KB 5 KB	20ms 3ms	Document text/html	2607:f8b0:4006:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s.yam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 21956 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4542 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 19 Aug 2023 06:34:55 GMT etag 13776922816869014096 expires Sat, 02 Sep 2023 06:34:55 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/	392 KB 132 KB	93ms 92ms	Script text/javascript	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077199 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 54cb70d14cde2c15bdad4e1fcf9968ae47ed3482d72545cac3b8437485f98a77 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:51 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 134780 x-xss-protection 0 server cafe etag 8700396707982062022 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sat, 19 Aug 2023 12:40:51 GMT
GET H/1.1	200 OK	glyphicons-halflings-regular.woff s.yam.com/fonts/	16 KB 16 KB	238ms 236ms	Font font/x-woff	52.187.123.178 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://s.yam.com/fonts/glyphicons-halflings-regular.woff Requested by Host: s.yam.com URL: https://s.yam.com/Content/css?v=9bZ4U4MJi32u47YlBMNLCOC4U2OuPMDfAVvRW05oeZ81 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 52.187.123.178 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af Request headers Referer https://s.yam.com/Content/css?v=9bZ4U4MJi32u47YlBMNLCOC4U2OuPMDfAVvRW05oeZ81 Origin https://s.yam.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Sat, 19 Aug 2023 12:40:50 GMT Last-Modified Thu, 17 Aug 2017 04:57:26 GMT Server Microsoft-IIS/8.5 ETag "9c6d60521517d31:0" X-Powered-By ASP.NET Content-Type font/x-woff Accept-Ranges bytes Content-Length 16448
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	19ms 3ms	Script text/javascript	2607:f8b0:4006:824::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::200e Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 19 Aug 2023 12:27:56 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 775 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sat, 19 Aug 2023 14:27:56 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 205 B	18ms 17ms	XHR text/plain	2607:f8b0:4006:824::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=234219082&t=pageview&_s=1&dl=https%3A%2F%2Fs.yam.com%2F&ul=en-us&de=UTF-8&dt=Short%20URL%20-%20%E7%BE%8A%E9%9B%AA%E5%85%92%20-%20yamShare%20%7C%E8%95%83%E8%96%AF%E8%97%A4&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2145550914&gjid=582168225&cid=2033635232.1692448852&tid=UA-16227618-1&_gid=1371772859.1692448852&_r=1&_slc=1&z=1294178691 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::200e Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://s.yam.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:51 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://s.yam.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	381 B 601 B	35ms 18ms	Script text/javascript	2607:f8b0:4006:816::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=s.yam.com&callback=_gfp_s_&client=ca-pub-2675037296853968 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077199 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 189c152e17d9e9334915f95e4f19c6773e92e1f94b323d271e51dd2587407f88 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:51 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 250 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame FFF3	143 KB 44 KB	477ms 476ms	Document text/html	2607:f8b0:4006:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1692484851&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692448851774&bpp=38&bdt=489&idt=153&shv=r20230816&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=4876539370405&frm=20&pv=2&ga_vid=2033635232.1692448852&ga_sid=1692448852&ga_hid=234219082&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=897&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077148%2C44795921%2C31077199&oid=2&pvsid=3310095204787598&tmod=530243665&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gR2ahTsCmv&p=https%3A//s.yam.com&dtd=173 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077199 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f6d77c438c6f7f03707868668609f21f6fdf1f08a1250d43769902331ec9e0f3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s.yam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 44951 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 19 Aug 2023 12:40:52 GMT expires Sat, 19 Aug 2023 12:40:52 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
POST H2	200	collect Show response stats.g.doubleclick.net/j/	2 B 343 B	42ms 17ms	XHR text/plain	2607:f8b0:4004:c08::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-16227618-1&cid=2033635232.1692448852&jid=2145550914&gjid=582168225&_gid=1371772859.1692448852&_u=IEBAAEAAAAAAACAAI~&z=1133210173 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://s.yam.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sat, 19 Aug 2023 12:40:51 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://s.yam.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	50ms 22ms	Image image/gif	2607:f8b0:4006:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-16227618-1&cid=2033635232.1692448852&jid=2145550914&_u=IEBAAEAAAAAAACAAI~&z=797623965 Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2004 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:52 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	css fonts.googleapis.com/ Frame FFF3	14 KB 2 KB	47ms 5ms	Stylesheet text/css	2607:f8b0:4006:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1692484851&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692448851774&bpp=38&bdt=489&idt=153&shv=r20230816&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=4876539370405&frm=20&pv=2&ga_vid=2033635232.1692448852&ga_sid=1692448852&ga_hid=234219082&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=897&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077148%2C44795921%2C31077199&oid=2&pvsid=3310095204787598&tmod=530243665&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gR2ahTsCmv&p=https%3A//s.yam.com&dtd=173 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:808::200a Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 19 Aug 2023 12:40:52 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 19 Aug 2023 12:13:50 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 19 Aug 2023 12:40:52 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame FFF3	2 KB 945 B	38ms 11ms	Script text/javascript	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1692484851&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692448851774&bpp=38&bdt=489&idt=153&shv=r20230816&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=4876539370405&frm=20&pv=2&ga_vid=2033635232.1692448852&ga_sid=1692448852&ga_hid=234219082&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=897&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077148%2C44795921%2C31077199&oid=2&pvsid=3310095204787598&tmod=530243665&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gR2ahTsCmv&p=https%3A//s.yam.com&dtd=173 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 06:35:00 GMT content-encoding br x-content-type-options nosniff age 21952 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 02 Sep 2023 06:35:00 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame FFF3	23 KB 9 KB	23ms 12ms	Script text/javascript	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1692484851&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692448851774&bpp=38&bdt=489&idt=153&shv=r20230816&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=4876539370405&frm=20&pv=2&ga_vid=2033635232.1692448852&ga_sid=1692448852&ga_hid=234219082&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=897&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077148%2C44795921%2C31077199&oid=2&pvsid=3310095204787598&tmod=530243665&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gR2ahTsCmv&p=https%3A//s.yam.com&dtd=173 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 06:35:00 GMT content-encoding br x-content-type-options nosniff age 21952 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9092 x-xss-protection 0 server cafe etag 9312205082594545078 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 02 Sep 2023 06:35:00 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame FFF3	3 KB 1 KB	23ms 13ms	Script text/javascript	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1692484851&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692448851774&bpp=38&bdt=489&idt=153&shv=r20230816&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=4876539370405&frm=20&pv=2&ga_vid=2033635232.1692448852&ga_sid=1692448852&ga_hid=234219082&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=897&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077148%2C44795921%2C31077199&oid=2&pvsid=3310095204787598&tmod=530243665&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gR2ahTsCmv&p=https%3A//s.yam.com&dtd=173 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 06:35:00 GMT content-encoding br x-content-type-options nosniff age 21952 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 02 Sep 2023 06:35:00 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame FFF3	20 KB 8 KB	37ms 10ms	Script text/javascript	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1692484851&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692448851774&bpp=38&bdt=489&idt=153&shv=r20230816&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=4876539370405&frm=20&pv=2&ga_vid=2033635232.1692448852&ga_sid=1692448852&ga_hid=234219082&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=897&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077148%2C44795921%2C31077199&oid=2&pvsid=3310095204787598&tmod=530243665&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gR2ahTsCmv&p=https%3A//s.yam.com&dtd=173 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 06:35:00 GMT content-encoding br x-content-type-options nosniff age 21952 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8273 x-xss-protection 0 server cafe etag 16365778639179992903 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 02 Sep 2023 06:35:00 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame FFF3	180 KB 57 KB	54ms 30ms	Script text/javascript	2607:f8b0:4006:822::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1692484851&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692448851774&bpp=38&bdt=489&idt=153&shv=r20230816&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=4876539370405&frm=20&pv=2&ga_vid=2033635232.1692448852&ga_sid=1692448852&ga_hid=234219082&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=897&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077148%2C44795921%2C31077199&oid=2&pvsid=3310095204787598&tmod=530243665&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gR2ahTsCmv&p=https%3A//s.yam.com&dtd=173 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:52 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57620 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1692185840427238" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 19 Aug 2023 12:40:52 GMT
GET H2	200	e822d7071992e030a786d1a51b1f59a7.js Show response www.gstatic.com/mysidia/ Frame FFF3	35 KB 15 KB	45ms 4ms	Script text/javascript	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1692484851&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692448851774&bpp=38&bdt=489&idt=153&shv=r20230816&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=4876539370405&frm=20&pv=2&ga_vid=2033635232.1692448852&ga_sid=1692448852&ga_hid=234219082&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=897&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077148%2C44795921%2C31077199&oid=2&pvsid=3310095204787598&tmod=530243665&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gR2ahTsCmv&p=https%3A//s.yam.com&dtd=173 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Wed, 16 Aug 2023 00:20:46 GMT content-encoding gzip x-content-type-options nosniff age 303606 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14926 x-xss-protection 0 last-modified Wed, 16 Aug 2023 00:01:10 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 14 Nov 2023 00:20:46 GMT
GET H2	200	data=iicAv5strEQNItP1w_71W-rwUIBMitBROCa8MtJo0iwoR01Sl6c1jAaRsisTKrvxhaVhhC_Hzcm3exCvwwx6Fogw1zajio3CQgWkLcoIhDP124xUq2F-9TeaeOk mts0.google.com/vt/ Frame FFF3	63 KB 63 KB	37ms 5ms	Image image/png	2607:f8b0:4006:816::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://mts0.google.com/vt/data=iicAv5strEQNItP1w_71W-rwUIBMitBROCa8MtJo0iwoR01Sl6c1jAaRsisTKrvxhaVhhC_Hzcm3exCvwwx6Fogw1zajio3CQgWkLcoIhDP124xUq2F-9TeaeOk Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1692484851&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692448851774&bpp=38&bdt=489&idt=153&shv=r20230816&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=4876539370405&frm=20&pv=2&ga_vid=2033635232.1692448852&ga_sid=1692448852&ga_hid=234219082&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=897&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077148%2C44795921%2C31077199&oid=2&pvsid=3310095204787598&tmod=530243665&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gR2ahTsCmv&p=https%3A//s.yam.com&dtd=173 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::200e Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash ecb7ae4321ebee4c99bb851bf45fc78796896de7fa2f4db09f894bf94227400d Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none'; base-uri 'none' date Sat, 19 Aug 2023 11:56:56 GMT x-content-type-options nosniff age 2636 cross-origin-resource-policy cross-origin server-timing gfet4t7; dur=1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64415 x-xss-protection 0 x-server-version-bin CggIBBDwoPemBg== server scaffolding on HTTPServer2 etag 03a4b8e4d5f527b70 x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * cache-control public, max-age=3600 expires Sat, 19 Aug 2023 12:56:56 GMT
GET DATA	200 OK	truncated / Frame FFF3	244 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame FFF3	333 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame FFF3	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0237c1a09635738809d8c1168c33ddf2a0328c3c0e555994e49cbd01f5483ad7 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Content-Type image/png
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame FFF3	33 KB 34 KB	22ms 6ms	Font font/woff2	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Fri, 18 Aug 2023 08:20:03 GMT x-content-type-options nosniff age 102049 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 17 Aug 2024 08:20:03 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame FFF3 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CCbx9U7jgZNj6O_TRzLUP-8u4-ArQld2Actqd94GuEeSCu_uaAhABIMzdhyFgycapi8Ck2A-gAcPU8-UDyAEJqAMByAPLBKoEvQFP0Cas2AlM5QkyjI_WgZ_vb5vLbNKf_r8TSffxTZfZ6b_... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x75f15b3bc46581c20000000000000000%22,%222%22:%220x22b4f5c095c0de570000000000000000%22,%225%22:%220x87085d...	0 0	37ms 18ms	Fetch text/css	142.250.64.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x75f15b3bc46581c20000000000000000%22,%222%22:%220x22b4f5c095c0de570000000000000000%22,%225%22:%220x87085d6a692811f90000000000000000%22},%22debug_key%22:%2213061708134397107474%22,%22debug_reporting%22:true,%22destination%22:%22https://nike.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221019013699%22],%224%22:[%2208-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228330870953737313905%22}&andc=true Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H3 Server 142.250.64.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:52 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0x75f15b3bc46581c20000000000000000","2":"0x22b4f5c095c0de570000000000000000","5":"0x87085d6a692811f90000000000000000"},"debug_key":"13061708134397107474","debug_reporting":true,"destination":"https://nike.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1019013699"],"4":["08-19"],"6":["true"]},"priority":"500","source_event_id":"8330870953737313905"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sat, 19 Aug 2023 12:40:52 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Sat, 19 Aug 2023 12:40:52 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x75f15b3bc46581c20000000000000000","2":"0x22b4f5c095c0de570000000000000000","5":"0x87085d6a692811f90000000000000000"},"debug_key":"13061708134397107474","debug_reporting":true,"destination":"https://nike.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1019013699"],"4":["08-19"],"6":["true"]},"priority":"500","source_event_id":"8330870953737313905"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response pagead2.googlesyndication.com/bg/ Frame C644	37 KB 14 KB	4ms 3ms	Script text/javascript	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1692484851&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692448851774&bpp=38&bdt=489&idt=153&shv=r20230816&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&correlator=4876539370405&frm=20&pv=2&ga_vid=2033635232.1692448852&ga_sid=1692448852&ga_hid=234219082&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=897&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077148%2C44795921%2C31077199&oid=2&pvsid=3310095204787598&tmod=530243665&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=gR2ahTsCmv&p=https%3A//s.yam.com&dtd=173 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 15 Aug 2023 21:15:24 GMT content-encoding br x-content-type-options nosniff age 314728 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14754 x-xss-protection 0 last-modified Mon, 14 Aug 2023 12:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 14 Aug 2024 21:15:24 GMT
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	45ms 17ms	Preflight text/html	142.250.64.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x75f15b3bc46581c20000000000000000%22,%222%22:%220x22b4f5c095c0de570000000000000000%22,%225%22:%220x87085d6a692811f90000000000000000%22},%22debug_key%22:%2213061708134397107474%22,%22debug_reporting%22:true,%22destination%22:%22https://nike.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221019013699%22],%224%22:[%2208-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228330870953737313905%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.64.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Sat, 19 Aug 2023 12:40:52 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	/ stats.yam.com/y/collect/	0 0	966ms 953ms	Fetch	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stats.yam.com/y/collect/?v=1&cid=s.yam.com&uid=yam.16924488520002620&ul=en-us&sr=1600x1200&dl=https%3A%2F%2Fs.yam.com%2F&dr=&dt=Short+URL+-+%E7%BE%8A%E9%9B%AA%E5%85%92+-+yamShare+%7C%E8%95%83%E8%96%AF%E8%97%A4&en=page_view&ea=&ev= Requested by Host: stats.yam.com URL: https://stats.yam.com/ya.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:53 GMT x-aspnetmvc-version 5.2 cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-aspnet-version 4.0.30319 server cloudflare x-powered-by ASP.NET report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yINvhlnmujhM0rGUvJnMLgIptSd4q%2BQiNhp6x2AdkCcPkP2%2FHCplFYuCjvkBziGv3e%2FfvyPhI3R4vKUJJ8kP%2FcZF2iwyQSJVmiTH6UzSE863weoZOXONWyPUPrhIObZ5%2BDHRv33zlF04ee8%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cache-control private cf-ray 7f9277b1fe48423a-EWR content-length 0
GET H2	200	beacon.js Show response sb.scorecardresearch.com/internal-cs/default/ Redirect Chain https://sb.scorecardresearch.com/cs/38111965/beacon.js https://sb.scorecardresearch.com/internal-cs/default/beacon.js	4 KB 2 KB	5ms 4ms	Script application/javascript	108.139.47.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/internal-cs/default/beacon.js Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H2 Server 108.139.47.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-108.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465 Request headers accept-language en-US,en;q=0.9 Referer https://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 04:19:49 GMT content-encoding gzip via 1.1 694c2ab22098fd212b8d6808ee6c5aaa.cloudfront.net (CloudFront) last-modified Wed, 19 Jul 2023 09:10:12 GMT server AmazonS3 x-amz-cf-pop JFK50-P1 age 30064 etag W/"77ff4ede4693897337a38594321529a3" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400 x-amz-cf-id N-l7Pja6TEuH4X_C7LqoLMqirBIgt1JaKVMY-tlfk9n71GBo_XTRKA== Redirect headers date Sat, 19 Aug 2023 12:40:52 GMT via 1.1 694c2ab22098fd212b8d6808ee6c5aaa.cloudfront.net (CloudFront) accept-ch UA, Platform, Arch, Model, Mobile x-amz-cf-pop JFK50-P1 x-cache Miss from cloudfront location /internal-cs/default/beacon.js content-length 0 x-amz-cf-id pPujfk7K5kxRdAEspGrxdtcxFCfkF2VLkTXHPu5RzG0eRD-WSvEwSQ==
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 9BEA	334 KB 71 KB	661ms 660ms	Document text/html	2607:f8b0:4006:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&adk=1812271804&adf=3025194257&lmt=1692484852&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fs.yam.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692448852783&bpp=2&bdt=1497&idt=2&shv=r20230816&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deb151738485fa636-22b5ad59a2e300df%3AT%3D1692448851%3ART%3D1692448851%3AS%3DALNI_MZ0W8kY7NDdvb7OJ9Ud2kIwfB24ng&gpic=UID%3D00000d8c63e72194%3AT%3D1692448851%3ART%3D1692448851%3AS%3DALNI_MYDh_VrK7gCRe7GXZqGroBdyrPcrQ&prev_fmts=300x250&nras=1&correlator=4876539370405&frm=20&pv=1&ga_vid=2033635232.1692448852&ga_sid=1692448852&ga_hid=234219082&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077148%2C44795921%2C31077199&oid=2&psts=AOrYGsktlVOu7JwGV9Hlk2QL7lx85FZBMG0UW-42ZY2Xc3meoZLK26LhlMj7wlXMs02jxOx7Y5rrtAnzC8umBxE-Y3IYoQ&pvsid=3310095204787598&tmod=530243665&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=21 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077199 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ed8a8ef1b0f8741f05e7c33ba01a7a05daef209e5469c57ac41c17bdb99c9267 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s.yam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 72447 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 19 Aug 2023 12:40:53 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	18ms 17ms	Image image/gif	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=navbar%20navbar-inverse%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0 Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:52 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	b2 sb.scorecardresearch.com/ Redirect Chain https://sb.scorecardresearch.com/b?c1=2&c2=38111965&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1692448852818&ns_c=UTF-8&c7=https%3A%2F%2Fs.yam.com%2F&c8=Short%20URL%20-%20%E7%BE%8A%E9%9B%AA%E5%85%92%20-%... https://sb.scorecardresearch.com/b2?c1=2&c2=38111965&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1692448852818&ns_c=UTF-8&c7=https%3A%2F%2Fs.yam.com%2F&c8=Short%20URL%20-%20%E7%BE%8A%E9%9B%AA%E5%85%92%20-...	0 223 B	12ms 12ms	Image text/plain	108.139.47.108 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=2&c2=38111965&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1692448852818&ns_c=UTF-8&c7=https%3A%2F%2Fs.yam.com%2F&c8=Short%20URL%20-%20%E7%BE%8A%E9%9B%AA%E5%85%92%20-%20yamShare%20%7C%E8%95%83%E8%96%AF%E8%97%A4&c9= Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H2 Server 108.139.47.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-108.jfk50.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:52 GMT via 1.1 694c2ab22098fd212b8d6808ee6c5aaa.cloudfront.net (CloudFront) accept-ch UA, Platform, Arch, Model, Mobile x-amz-cf-pop JFK50-P1 x-amz-cf-id hUGtYYlcb_3NIQRSgfbqaCy5tyOXu0MHDrtqeee_5OlclpahnwORZQ== x-cache Miss from cloudfront Redirect headers date Sat, 19 Aug 2023 12:40:52 GMT via 1.1 694c2ab22098fd212b8d6808ee6c5aaa.cloudfront.net (CloudFront) accept-ch UA, Platform, Arch, Model, Mobile x-amz-cf-pop JFK50-P1 x-cache Miss from cloudfront location /b2?c1=2&c2=38111965&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1692448852818&ns_c=UTF-8&c7=https%3A%2F%2Fs.yam.com%2F&c8=Short%20URL%20-%20%E7%BE%8A%E9%9B%AA%E5%85%92%20-%20yamShare%20%7C%E8%95%83%E8%96%AF%E8%97%A4&c9= content-length 0 x-amz-cf-id IoOR9xzFz7gWAl3HjNs_lCTW_po4L-P2KuxgiUr129jMKANiTXiRpQ==
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	15 KB 11 KB	49ms 27ms	XHR application/json	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230816&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077199 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 46f7df9c44c7be4757727be0304b0f37a6e97c68fa9c7bb2cef877438eb6e147 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:53 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11737 x-xss-protection 0
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/	154 KB 52 KB	32ms 31ms	Script text/javascript	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/reactive_library_fy2021.js?bust=31077199 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077199 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a1403f5af0399c950711fb340c815971c1a83b4d185d7ee11e176d37824da7b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:53 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 53672 x-xss-protection 0 server cafe etag 5845759926995016002 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sat, 19 Aug 2023 12:40:53 GMT
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/ Frame 8BEF	10 KB 4 KB	4ms 3ms	Document text/html	2607:f8b0:4006:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077199 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s.yam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 48419 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4542 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 18 Aug 2023 23:13:54 GMT etag 13776922816869014096 expires Fri, 01 Sep 2023 23:13:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/ Frame 2793	10 KB 4 KB	4ms 3ms	Document text/html	2607:f8b0:4006:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077199 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s.yam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 48419 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4542 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 18 Aug 2023 23:13:54 GMT etag 13776922816869014096 expires Fri, 01 Sep 2023 23:13:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/ Frame D2F4	10 KB 4 KB	4ms 3ms	Document text/html	2607:f8b0:4006:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077199 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s.yam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 48419 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4542 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 18 Aug 2023 23:13:54 GMT etag 13776922816869014096 expires Fri, 01 Sep 2023 23:13:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/ Frame BE46	10 KB 4 KB	4ms 3ms	Document text/html	2607:f8b0:4006:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077199 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s.yam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 48419 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4542 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 18 Aug 2023 23:13:54 GMT etag 13776922816869014096 expires Fri, 01 Sep 2023 23:13:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	39ms 38ms	Script text/javascript	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js?bust=31077199 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:53 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 19 Aug 2023 12:40:53 GMT
GET H2	200	css2 fonts.googleapis.com/ Frame 8BEF	4 KB 767 B	25ms 22ms	Stylesheet text/css	2607:f8b0:4006:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:808::200a Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 19 Aug 2023 12:40:53 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 19 Aug 2023 12:05:42 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 19 Aug 2023 12:40:53 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 8BEF	205 B 520 B	5ms 3ms	Image image/png	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Wed, 16 Aug 2023 18:29:40 GMT x-content-type-options nosniff age 238273 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Thu, 15 Aug 2024 18:29:40 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 8BEF	604 B 696 B	6ms 4ms	Image image/png	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Wed, 16 Aug 2023 18:26:02 GMT x-content-type-options nosniff age 238491 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Thu, 15 Aug 2024 18:26:02 GMT
GET H3	200	fullscreen_api_adapter_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/ Frame 8BEF	15 KB 6 KB	7ms 6ms	Script text/javascript	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/fullscreen_api_adapter_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2e047ef4f0df4b7a920fa4098e5f3b2b3c43da69b10462c37112606228b222c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Fri, 18 Aug 2023 14:32:15 GMT content-encoding br x-content-type-options nosniff age 79718 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6441 x-xss-protection 0 server cafe etag 6802313557646952851 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Sep 2023 14:32:15 GMT
GET H3	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/ Frame 8BEF	20 KB 8 KB	8ms 6ms	Script text/javascript	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Fri, 18 Aug 2023 14:32:15 GMT content-encoding br x-content-type-options nosniff age 79718 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8570 x-xss-protection 0 server cafe etag 11167480076894372452 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Sep 2023 14:32:15 GMT
GET H2	200	afr.php Show response ads.us.criteo.com/delivery/r/ Frame B83D	173 KB 54 KB	309ms 111ms	Document text/html	2620:100:a001::24 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvkH48mnAA_-PMV6b9lvVfTzSm-6kg&u=%7Ca3dRsPaP2svghmiyfXn1y4v6pEjnMzT9sKClgigrSGM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqGKpRLPcuLoyrTHbcxv70yxPdda9qhhGlWkqPeotSZj9FhrlrPMThpAW0z11VdubUNGnwTfP8LJw1EkOGic-iP5J1znBJgROtS1gRdNfXUNvB8LbZqQD38NeIFJMso651UArBd1T1FpXM5wRCjh1L2APSxB20KMOJQhyl6sW7yNZexI1KDGd3NHp1e-FBZWbdB7CE025SX2LitKENoa7Rx0lfblHgCagxR02hr2dqs-q3I2uc8-fqVkR5L4Kbhxj6ADM14pnwW52YOUzHfU5H6WQJj9torG7lH0Z8U8VNmRXKVpKFxa1MnIEDCxKCLaKyi64KpitdtlJNWRW_vUfSwyUsdxzpJDnIMuq4WkUpZxkuqY3XYBwCN3Y_iAgBDXJM8G4PZND-SFT8sMZGi8RkRsgsw6By0O5g44pnMC2EkIFH5iUyykm_68W2DD9O2N-BQ_lBqRbAc8j8AKPovjwWRk5dw6LimmDwnsGcj15JfuESSeLDs9iSHXc3N0uK8Qg7gv59x9f1BgnbDsxo4cCvP0XLQ0AcElRkoKa7a4MQl_w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEjdIVLjgZPn9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9AG0oOCvayUGoDo931BlKE7U6UW1j2oTR0cMVIVrwEJMtcu9TDPtCvd6PqlFakG5DUlRKF4HYRNPOmD0YqJv1HzCMU5yR2vPSk5wPio2P1zh3iJpFGCahdzj69_DRdpN1sp-a6XbGzaDJrWswOgUk_i_GPXnHLW-MNunGJd-FEugPMZ-QNnIqjFwZRytmbLLIKIfKOOZfwuH8Q4oWklqlHOH9ktoT69FHZ6CqEXfZYOfbVQV4AG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0aqCaG-RQxLGdjmn5wGAE4ghXQgw%26client%3Dca-pub-2675037296853968%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 22d40afe600fbccc4153f064caa6bd67522ff9aa4d6d2af16d4125ed089b32eb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1000 cache-control private, max-age=0, no-cache content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin date Sat, 19 Aug 2023 12:40:53 GMT expires Mon, 26 Jul 1997 05:00:00 GMT link <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin p3p CP='CUR ADM OUR NOR STA NID' pragma no-cache report-to {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=U2lwCag7teU57uXXRPmKxG6dFfDUARNtEH6lRM_XMkGfk-cSjaD7avWCOsbPPJJv6PtLwCsurx0su_orjGFplmdGAv9UYao9PpyYEUlJGOhlarrOwIcH_HHi_Ky-kDZE39p6B2xioDKsqfIWhTyTxT6tQTDe5CEeERho9e6tM7DANGcei4JbheopQWFwjSGxAclIIquSQAD-MGT5VT-HzHE7H_E_y5HoqGzXNsw2Wt0ic6wmgbgs_uogq_jVDwBmkUNSkBPWLcxnPdKZ"}], "max_age": 86400} server Kestrel server-processing-duration-in-ticks 96547846 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 2793	3 KB 1 KB	18ms 14ms	Script text/javascript	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 06:35:00 GMT content-encoding br x-content-type-options nosniff age 21953 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 02 Sep 2023 06:35:00 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 7E08	1 KB 643 B	14ms 11ms	Document text/html	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 24102 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 19 Aug 2023 05:59:11 GMT etag 48472445140208031 expires Sun, 20 Aug 2023 05:59:11 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 2793	20 KB 8 KB	17ms 13ms	Script text/javascript	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 06:35:00 GMT content-encoding br x-content-type-options nosniff age 21953 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8273 x-xss-protection 0 server cafe etag 16365778639179992903 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 02 Sep 2023 06:35:00 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 2793	0 0	33ms 28ms	Image text/html	2607:f8b0:4006:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaR3UNvrO1f-k6wdA5nS30iaw7fTnbofrL9sg89h8Y7n90QJWeTUpM3bDHIPuZJLH9FVRic0c4wkkOXg0WvGAqfwGzUVQw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2004 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 2793	180 KB 56 KB	32ms 28ms	Script text/javascript	2607:f8b0:4006:822::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:53 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57620 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1692185840427238" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 19 Aug 2023 12:40:53 GMT
GET H2	200	afr.php Show response ads.us.criteo.com/delivery/r/ Frame 04D3	125 KB 44 KB	96ms 72ms	Document text/html	2620:100:a001::24 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvoH48mnAA_-PAwiZKL2VLE1ywDnzw&u=%7Ca3dRsPaP2ssFS8nkdHYFZ3qZOw%2BWi5kVMJO8PNxXpXE%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqLJd9E94f8kcqnExVPrgtPvGvPB6oqWxE1KKMEZRXBuBEgcnjn6HdpoN59hHMR0bu70FqWWZbvSXj7PizcnZl9pbR3G302CXEz_bItt8NzDtPBZTcwwtlLRsfOHGNb2bf57Cqk0WJgyaIhPzmbVu61Im5mtgz-99eawBS8tXvrDf8rUUWCoFApwf2IeTtXsssJgPzRC60QHPN2sIkbo4nUB9L9mKeM8tvo2QP1hwwX8EOttyR84uokShDMBFJbbxjCGDfFbwO3_vb7oFw6TuXiRObPvZKK_4PUXzdPUdgPJTtTRmh-gIdfXUe6zNYLNN4kLps2s6YBu8r85SdEiewPgz5AXHvAeK9LGceHtD2rAplkdwuL_oRaK4do4IwF2gDdXJms4tVlly2GUtxQF0eWEgxaQsW-R8v9VNtUYKTf1Ob4UWoJASIsEA6eMwjzo1agx2sQAquOHKQWtAulyJsl-rUsuE3KgxeFPF0Qz8J2L2pTY1xyQDW3lxsDHOq9UPRnopfXZAkUAVL4W1mtdjyO4DLPF5M4UggN4rwpJvNDfkAJy5_5D0QYY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFvfOVLjgZPr9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9DDdvuxSGd5TycJV83J5jh1N-mle01KWYAVYtMaA8w5QzbyWi_C6RH1dLnWe1tAfNoD8EZWWnBt_lYFN1uW3n7C39G2B5srwqgB0LDVTSXj9QrNUKWqnfCJ1o80YMbOaPCxcz6sGmF7VhDOrprGg9nb8BAQCNL778UDSMN70QInmchm2F3DAEKTwYI7fHW7qPzoeypNaGgOC19_7_dKoC_3K6uMCPWEEVW5cweRExPvY6gSXYAG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Mpve7n35fHy7Q1AmYAvXU0HN8PA%26client%3Dca-pub-2675037296853968%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 8376e5ad04cdac8d14843559934c83c27bde7d3dbeabef66a267b49bb311c10e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1000 cache-control private, max-age=0, no-cache content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin date Sat, 19 Aug 2023 12:40:53 GMT expires Mon, 26 Jul 1997 05:00:00 GMT link <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin p3p CP='CUR ADM OUR NOR STA NID' pragma no-cache report-to {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=VnmvB6g7teU57uXXYr1-BtY8E6hp5Kur5GDczC7LMSWhn4cgUFr-clpHH3DGSmfVJTSQ7eDN-8VW1CcShy_rrH-WAzfKmR277WfXcA-AziIuAnlTJ2cnguC78FoYuxYUXGv5wwi8uycu_3S8aQuGUZerNNGWAVEIto0DlSxpKUdK6f_vbErkLxmf45J94o_7LWOmt4FsFbDMBO2fb2C6iVeS9n-VcSs0oHv_UtyhygnGEp0voUUlwbKQ_WjW2m5_p1HoHQ"}], "max_age": 86400} server Kestrel server-processing-duration-in-ticks 58581507 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame D2F4	3 KB 1 KB	4ms 3ms	Script text/javascript	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 06:35:00 GMT content-encoding br x-content-type-options nosniff age 21953 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 02 Sep 2023 06:35:00 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 22EC	1 KB 643 B	32ms 7ms	Document text/html	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 24102 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 19 Aug 2023 05:59:11 GMT etag 48472445140208031 expires Sun, 20 Aug 2023 05:59:11 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame D2F4	20 KB 8 KB	4ms 3ms	Script text/javascript	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 06:35:00 GMT content-encoding br x-content-type-options nosniff age 21953 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8273 x-xss-protection 0 server cafe etag 16365778639179992903 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 02 Sep 2023 06:35:00 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame D2F4	0 0	22ms 21ms	Image text/html	2607:f8b0:4006:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXzV0AXk_6anPXGmOmE3-kwoRwhUqUnOvqWLnylbTW8yrTzw-Mytlb2V8IGV-sfoyEfWA_GIsSYw1aby_sLiNkJSBdfw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2004 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame D2F4	180 KB 56 KB	19ms 19ms	Script text/javascript	2607:f8b0:4006:822::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:53 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57620 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1692185840427238" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 19 Aug 2023 12:40:53 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame ECEF	624 B 242 B	52ms 24ms	Document text/html	2607:f8b0:4006:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChCdng4Y-t-6twEwAQ&v=APEucNUS_i-90W2KNR_wQ3EFutOvZeZzugJnPTRDedYhmr-P-WU20e4IqQ96U2Sfi2-r9GgeovRI6JUOAXTq1MdjDouZUlUiKw Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 19 Aug 2023 12:40:53 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 0843	86 KB 29 KB	37ms 37ms	Script text/javascript	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:53 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30167 x-xss-protection 0 server cafe etag 12949109546734229676 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Sat, 19 Aug 2023 12:40:53 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 0843	3 KB 1 KB	5ms 3ms	Script text/javascript	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 06:35:00 GMT content-encoding br x-content-type-options nosniff age 21953 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 02 Sep 2023 06:35:00 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 0843	20 KB 8 KB	6ms 5ms	Script text/javascript	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 06:35:00 GMT content-encoding br x-content-type-options nosniff age 21953 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8273 x-xss-protection 0 server cafe etag 16365778639179992903 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 02 Sep 2023 06:35:00 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 0843	0 0	32ms 31ms	Image text/html	2607:f8b0:4006:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQDBGq4sq2T3CtItjViKvNzJ0bvtgg8Bk3eswLubD4DgUktuA9JUeWtHzoKZC-OuBkrOXhZlG8JbtLtTntb7-0O7Tkd1w Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2004 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 0843	180 KB 56 KB	29ms 28ms	Script text/javascript	2607:f8b0:4006:822::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:53 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57620 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1692185840427238" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 19 Aug 2023 12:40:53 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0843	42 B 63 B	18ms 17ms	Image image/gif	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Azne2_QXHZa9R6l_6f6aNmxU2VPBEofk55jHYIPxzxwFsZOyDRN-Vn6p72zuDRYO471-Y-VgqtzLBJorAAGRWNgT-OJwzrLEQNMP6z8z2SsJOBp-U Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:53 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0843	0 20 B	19ms 18ms	Image image/gif	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9768475925974685218&x=1&ct=76 Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:53 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame FFF3	42 B 64 B	24ms 23ms	Fetch image/gif	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsux3R7h8KB-sBLgAwglnc7e6Q2ivCHw4v9hzBa1NV7Y-1QsvDX4tzKEZNVYfwoHYdgNbh6YKbeaUDaCApdAzhmTqEAH0rG0BRpcYU9sxkqKtqbgySiEj56EM4JG-3bCg6phiyTaD40BpWAyhCGuoaWOQewe4ChjqbSiTWNEXi6r-qzU72M4u6aeaKLwJ2eKuy-eJNVKpKZvLNRKoX-xN8pR88wEfjzTFrrk0q621OyMoaip6u34ZO7ruVgZzYU5-LkMf_uLP7cTZ836PkzsxoFHeCfzKsCwzCIUoWXNU0IHoX7GDJMofeS8lUzXQUJ4GgzzZEnL8zcqo147BA5KFstpejINNqnZwY3tIJtYW8Uxlm1W8iatw_IYJfJW_St40vciwXnmRRi-bww0rgyv7xLOOMmKEr1CCMpzo-ZuAUarwMqSRfN9SaCfbr9HHI-Oj0-ZqKtGc7YB4ZXjvSD6F6Fyn3pzQDfE_dNdn13rRQ-BCGI72385qAxpvGG-zGF2ls1BDVBBNjcImwamsD3kGZC7gJ7yzyMU3nbVXke_OgRBHW4jfKu9Kk4CExIsNw094OOci494b_3C2LHCDJdCsU41meKQn-8QiEWlgFWvuo8T1ymAh4tQMfzWpsdbHSEzcUrJgUmsZyQTYn6qV6_8PRTqNNwh7G2Ywo-DD_3No4MOcMReRswTUjqxZwFiUjA8ca1GrBc30Dv9qCRJKmSfS6-RwfCRA7sIjul7Y_uYrMlzhzYS3Yn9L7qzvE8UE-0yCcYgWk0REbFc3YHuUyGV89ytMPTLFhnIW6G4uW6Y5-y7Jx5XGsp1g8zCv3No_yDi_djF3rSsw3VF0uPIPzDKPSOhnpHHX8IMofD7s7escicEMioz5wp-xPv0_oWmD3XPdqsnd52ty6lNLQBMnDXcWeJmM_vfoUg0s9SbfQVWZMpPqEGTj0xxQOnPNlz8mbUF8Gvzl8FZexXHr6kdRLGJiXWY44PFd7p1jxuLbEzFnYIH2gc-Pxx0bIQrsBGIXztOnFCT9KzWqb3y33TqT4n3T6svzVLgBsYu5E96x8cZBP4No2VZYqdb5w8RdFMUJfMpFFbtMNJphRkATsQ98o_Qf-DEKaMw8faIHjS0SoMhaAsd8604cbrIUpGlQqcEeYhyFLWOql-V59VIXagkGew_sA&sai=AMfl-YTNsA1WWsJdBBkUCNhK8daebebl6nV8nanKDZtvfsrxY97tajN4ablvHNLxX2dw51rIDwP3W1DcKfZVhG-kecoxkjkkGZaJiw&sig=Cg0ArKJSzKpPOJSt1OtGEAE&cid=CAQSGwBpAlJW65sbBtdvyIC13JwJutHCnxZpkTzNNxgB&id=lidar2&mcvt=1047&p=0,0,250,300&mtos=1047,1047,1047,1047,1047&tos=1047,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=622561713&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692448851950&rpt=708&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:53 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7D9C	13 KB 5 KB	32ms 6ms	Document text/html	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s.yam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 21954 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 19 Aug 2023 06:34:59 GMT expires Sun, 18 Aug 2024 06:34:59 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 42B3	829 B 994 B	52ms 26ms	Document text/html	2607:f8b0:4006:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2004 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash d13dfb401f9d0f5f7a7b57c415cd70ee30f0b9fb4e6342e6271b74c8ace58a8d Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Dr4wuO32slPhQKz8z-9lkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://s.yam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 537 content-security-policy script-src 'report-sample' 'nonce-Dr4wuO32slPhQKz8z-9lkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 19 Aug 2023 12:40:53 GMT expires Sat, 19 Aug 2023 12:40:53 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	css fonts.googleapis.com/ Frame 96DB	14 KB 1 KB	21ms 20ms	Stylesheet text/css	2607:f8b0:4006:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:808::200a Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 19 Aug 2023 12:40:53 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 19 Aug 2023 12:10:30 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 19 Aug 2023 12:40:53 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 96DB	2 KB 892 B	4ms 3ms	Script text/javascript	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 06:35:00 GMT content-encoding br x-content-type-options nosniff age 21953 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 02 Sep 2023 06:35:00 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 96DB	23 KB 9 KB	4ms 4ms	Script text/javascript	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 06:35:00 GMT content-encoding br x-content-type-options nosniff age 21953 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9092 x-xss-protection 0 server cafe etag 9312205082594545078 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 02 Sep 2023 06:35:00 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 742D	143 B 166 B	25ms 4ms	Document text/html	2607:f8b0:4006:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 3055 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 19 Aug 2023 11:49:58 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 96DB	3 KB 1 KB	4ms 4ms	Script text/javascript	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 06:35:00 GMT content-encoding br x-content-type-options nosniff age 21953 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 02 Sep 2023 06:35:00 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 9F3C	1 KB 643 B	21ms 3ms	Document text/html	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 24102 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 19 Aug 2023 05:59:11 GMT etag 48472445140208031 expires Sun, 20 Aug 2023 05:59:11 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 96DB	20 KB 8 KB	4ms 4ms	Script text/javascript	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 06:35:00 GMT content-encoding br x-content-type-options nosniff age 21953 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8273 x-xss-protection 0 server cafe etag 16365778639179992903 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 02 Sep 2023 06:35:00 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 96DB	0 0	24ms 21ms	Image text/html	2607:f8b0:4006:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1U9brD1Amv3wDMlexK3EGsDvyquZ9elg-3x7lO_95FV10AgZCTP_HgAJW30_YmCc2SVk0Gv-MO62yM5UEE4Gfm88OGg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2004 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 96DB	180 KB 56 KB	41ms 39ms	Script text/javascript	2607:f8b0:4006:822::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:53 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57620 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1692185840427238" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 19 Aug 2023 12:40:53 GMT
GET H3	200	e822d7071992e030a786d1a51b1f59a7.js Show response www.gstatic.com/mysidia/ Frame 96DB	35 KB 15 KB	6ms 4ms	Script text/javascript	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Wed, 16 Aug 2023 00:20:46 GMT content-encoding gzip x-content-type-options nosniff age 303607 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14926 x-xss-protection 0 last-modified Wed, 16 Aug 2023 00:01:10 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 14 Nov 2023 00:20:46 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 7E08 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECAlt1s8wyV85ZQp7bONjHI&google_cver=1&google_push=AXcoOmTX9V1yr_gwwdR9cwefGn9oQGlZ_0SIL6UhNv04LrZ8-EPInkWwyHQgmUwuf1q6yb2yH5YP0HZoAQMarfzr... https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTX9V1yr_gwwdR9cwefGn9oQGlZ_0SIL6UhNv04LrZ8-EPInkWwyHQgmUwuf1q6yb2yH5YP0HZoAQMarfzrQvc81HD9SQNa	170 B 188 B	21ms 21ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTX9V1yr_gwwdR9cwefGn9oQGlZ_0SIL6UhNv04LrZ8-EPInkWwyHQgmUwuf1q6yb2yH5YP0HZoAQMarfzrQvc81HD9SQNa Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Sat, 19 Aug 2023 12:40:53 GMT Server MT3 1031 59fd23a master ord ord-pixel-x27 config_version:"1969" Content-Type image/gif Access-Control-Allow-Origin * location https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTX9V1yr_gwwdR9cwefGn9oQGlZ_0SIL6UhNv04LrZ8-EPInkWwyHQgmUwuf1q6yb2yH5YP0HZoAQMarfzrQvc81HD9SQNa P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Keep-Alive timeout=360 Content-Length 0 Expires Sat, 19 Aug 2023 12:40:52 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 7E08 Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOb6sJupBAa2daNSEHDr654&google_push=AXcoOmSB20dQzBok_VVXSS9Xbai9_meGcsP2MGrhkMWZDOOEmh8D-vjEmZ...	170 B 232 B	30ms 29ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOb6sJupBAa2daNSEHDr654&google_push=AXcoOmSB20dQzBok_VVXSS9Xbai9_meGcsP2MGrhkMWZDOOEmh8D-vjEmZZ3mjmk5a4SEgP8kJJ9maNHhjlezKFe3ueWuD7bvZ5PZQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers x-served-by cache-lga21975-LGA pragma no-cache date Sat, 19 Aug 2023 12:40:53 GMT via 1.1 varnish server Jetty(9.4.35.v20201120) x-timer S1692448854.878739,VS0,VE8 x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" access-control-allow-origin * location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOb6sJupBAa2daNSEHDr654&google_push=AXcoOmSB20dQzBok_VVXSS9Xbai9_meGcsP2MGrhkMWZDOOEmh8D-vjEmZZ3mjmk5a4SEgP8kJJ9maNHhjlezKFe3ueWuD7bvZ5PZQ cache-control no-cache accept-ranges bytes content-length 0 x-cache-hits 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame 7E08 Redirect Chain https://fksnk.com/cs/google?google_gid=CAESEPp_3TC9W9e5Ofb9KbM_uHQ&google_cver=1&google_push=AXcoOmS53rC5nu8MLpEhXsPhEWl1PSntOCDYwWAy7ElctV4wXwCi4aru1R6m8AwkTg5SpIupSIFcuTA0ETspNTfjgfyxrFtSAmWOgA https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MUU0QjUzRkU2OEYzMTNDOA==	170 B 243 B	21ms 20ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MUU0QjUzRkU2OEYzMTNDOA== Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MUU0QjUzRkU2OEYzMTNDOA== date Sat, 19 Aug 2023 12:40:53 GMT content-language en-US content-type text/html;charset=ISO-8859-1
GET H3	200	pixel cm.g.doubleclick.net/ Frame 7E08 Redirect Chain https://ads.travelaudience.com/google_pixel?google_gid=CAESEOTbocahcHrbrvvQUPBdh6E&google_cver=1&google_push=AXcoOmSRR6B9oosahycpTZmCf6K5gWmPh9JY6gZ5-BE67fDUreMNGdBQRaQ4jXjiyKDcFfzJFPQqE1B35yMo9RYa... https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=eJY9w2d8Qj-2sO-J-ohqwA2&google_push=AXcoOmSRR6B9oosahycpTZmCf6K5gWmPh9JY6gZ5-BE67fDUreMNGdBQRaQ4jXjiyKDcFfzJFPQqE1B35yMo9RYauNjMHkwqkjRwdQ	170 B 188 B	21ms 21ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=eJY9w2d8Qj-2sO-J-ohqwA2&google_push=AXcoOmSRR6B9oosahycpTZmCf6K5gWmPh9JY6gZ5-BE67fDUreMNGdBQRaQ4jXjiyKDcFfzJFPQqE1B35yMo9RYauNjMHkwqkjRwdQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sat, 19 Aug 2023 12:40:53 GMT via 1.1 google x-engine-version 0.0.0 server nginx/1.21.6 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC" location https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=eJY9w2d8Qj-2sO-J-ohqwA2&google_push=AXcoOmSRR6B9oosahycpTZmCf6K5gWmPh9JY6gZ5-BE67fDUreMNGdBQRaQ4jXjiyKDcFfzJFPQqE1B35yMo9RYauNjMHkwqkjRwdQ x-host tde-deliveryengine-production-6ffbf575ff-q86z6 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 7E08 Redirect Chain https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESECvhmInjNP9IOAel2-RP6wo&google_cver=1&google_push=AXcoOmRFgJrmnobfoW1_-7Y_eV2AFrnTeOnBbn-uf__XxOiMFpk66b66ePnODJluzf0T1mskhKBT... https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESECvhmInjNP9IOAel2-RP6wo&google_cver=1&google_push=AXcoOmRFgJrmnobfoW1_-7Y_eV2AFrnTeOnBbn-uf__XxOiMFpk66b66ePnODJluzf0T1m... https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=EB9odjhuSleAhhwFWWbKxg==&no_redirect=1&google_push=AXcoOmRFgJrmnobfoW1_-7Y_eV2AFrnTeOnBbn-uf__XxOiMFpk66b...	170 B 188 B	22ms 21ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=EB9odjhuSleAhhwFWWbKxg==&no_redirect=1&google_push=AXcoOmRFgJrmnobfoW1_-7Y_eV2AFrnTeOnBbn-uf__XxOiMFpk66b66ePnODJluzf0T1mskhKBTFfx6Vkew5ZwV8SqTl9spFRdTG4Q Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location //cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=EB9odjhuSleAhhwFWWbKxg==&no_redirect=1&google_push=AXcoOmRFgJrmnobfoW1_-7Y_eV2AFrnTeOnBbn-uf__XxOiMFpk66b66ePnODJluzf0T1mskhKBTFfx6Vkew5ZwV8SqTl9spFRdTG4Q date Sat, 19 Aug 2023 12:40:54 GMT cache-control no-cache, no-store, must-revalidate via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame 7E08 Redirect Chain https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEOT8PODY0D91XJez2KUXbB8&google_cver=1&google_push=AXcoOmSLld5VLvtIY2Adbr7zwP0Kf9Fps0zNqgmW4_uE81kVftTbYmJs6EVFUjQ8BW... https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSLld5VLvtIY2Adbr7zwP0Kf9Fps0zNqgmW4_uE81kVftTbYmJs6EVFUjQ8BWTzsHZyG68ee5WxycU5SVzOOYBZ_kcnNnlo36k&google_hm=...	170 B 232 B	27ms 27ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSLld5VLvtIY2Adbr7zwP0Kf9Fps0zNqgmW4_uE81kVftTbYmJs6EVFUjQ8BWTzsHZyG68ee5WxycU5SVzOOYBZ_kcnNnlo36k&google_hm=kt1Zf-0ETNmqIS0erYyWE4Y Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 19 Aug 2023 12:40:52 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CUR OUR NOR" status 302 location https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSLld5VLvtIY2Adbr7zwP0Kf9Fps0zNqgmW4_uE81kVftTbYmJs6EVFUjQ8BWTzsHZyG68ee5WxycU5SVzOOYBZ_kcnNnlo36k&google_hm=kt1Zf-0ETNmqIS0erYyWE4Y content-type text/html;charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 7E08 Redirect Chain https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESECqb1oH_opO7fYieQ1-UF30&google_cver=1&google_push=AXcoOmSvtKXNYUn9yypXI4jE_bFmrtq8cpiaCBwSPRsCDmY4nMbXLb-Eu9oOKudwSOwzrM_iXNap5RewQlPy9et... https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=pr_PXzI2ZEWqnUe7viwpRw&google_push=AXcoOmSvtKXNYUn9yypXI4jE_bFmrtq8cpiaCBwSPRsCDmY4nMbXLb-Eu9oOKudwSOwzrM_iXNap5RewQlPy9etKy98OPWy6g...	170 B 232 B	28ms 28ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=pr_PXzI2ZEWqnUe7viwpRw&google_push=AXcoOmSvtKXNYUn9yypXI4jE_bFmrtq8cpiaCBwSPRsCDmY4nMbXLb-Eu9oOKudwSOwzrM_iXNap5RewQlPy9etKy98OPWy6gwnK7e4 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=pr_PXzI2ZEWqnUe7viwpRw&google_push=AXcoOmSvtKXNYUn9yypXI4jE_bFmrtq8cpiaCBwSPRsCDmY4nMbXLb-Eu9oOKudwSOwzrM_iXNap5RewQlPy9etKy98OPWy6gwnK7e4 Date Sat, 19 Aug 2023 12:40:53 GMT Server Kestrel Connection keep-alive Content-Length 0
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 7E08	0 130 B	56ms 18ms	Image text/html	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IJOobJYZu67lY-VjO5NwyLUyRNAX7-SYTzdjsZwU4B0jNdUADSPnMKzAmzv0udi1v7k-PezwZg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:53 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0843	0 20 B	21ms 18ms	Ping image/gif	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1526345530483&version=m202307240101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:53 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0843	0 20 B	21ms 20ms	Ping image/gif	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1526345530483&version=m202307240101&ct=76&x=1&cor=9768475925974686000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:53 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 0843	90 KB 37 KB	57ms 54ms	Script text/javascript	2607:f8b0:4006:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Arjd5vfhFiOn0iju48iEVn38OB88zSlRGSP7dID4kAfCvWzyrcDffUbSAkeYxZqQhBdLl79BB04pt34QFpW3ehdich5Q&cry=1&dbm_d=AKAmf-Bn_0eAqhje88eO8ObazD2yWW9XDHlbmL-YsI2krGV-UjAtfrd_ebqx2mAYqJ7gcsUtFzYf9K_6HTzGdyaFTw-o3AJlbF3TkFBEhDVvC7xtbluTVNpLPb1ZCr78093RjBlVmytVR6oRNGpKMppNzOzYJ99p-zC1YZqQdJ4TG1caJ0PZ5b7gjS70fsqeKppipfnVdb2ARetJBrPf6J39GP51dSDYYC7XKbPNNT6reGZoQ8NDc7oSFtfg6X0RtjGO16FjOgHwVYeHNlwUISB5zey1E3ob2Ch8h1Nhb5z66SVruSMBqyBqk7Rar1MzLrzh9mz-BaQXrspNOScGX-8OtV41zNqJJq_0C1PY0NDd8WN240LyVD3oa4kG39V3_Hz5ohLV2LDw8-gG0Wjm_U9JeGI_h8zV126ghp3jaI-g-RfE3vRlsucxyDUv77AnYAv6xdmN5BJLR2Hm3wGl19U5hnGgvsDRnpAoJzZRnaVMlgVdPOVs-ABMj0xGjR2poQTMW9Jjq6x5yFyrj5LOBc39OiMR5FQ0V3C2hF27BsamtbWIIa2BeY6zxf9k3b52kdFe5sh8_B-rpYfXFcO3gPbCYmp0_Msu0RYN6Sf41iyick0ZgNBQr7Ke1klcyx9rLju5eP0FBQAXNZesi-UWfXOPipeK_e3ul--bsJ36As5EcJ4vqN6QoIh76aPajjwmoLSCc_q9hO8FmzxD2YOLrxgOD0n8YWokodmlR56zfnAjpThJ1l2tCnESzRM1DOIjiptLJbnrDjB3lCvMeD96uxM9BAIg6Fke9nawLhZE0F-cJSGpVGbGbwupI-LBZqIoCGBsJ665hA7GjPJLQNvfKkkyaLhtmUgyNnxElJvliBUsjUOLdFC_v36W-UhUmW1jJk7hncu1QuqwXOO-yW-jzzhcOIDcAyXbGjDYG-AGYmNhd9rbL3J8s78erjiwQ67Km_K9MZY_qysoI6ISALQFv0NRZAMJHR_KI1O4JkpWOqOGo_tIjNZ-WuoAu4S63Js5fWTDczGQ8XNMSe5jKBZ3F3zmYB_GxYTTEsqE0lGGvF4KZ43HF2ZfC8gjisQ2CpQADEGKShlnkuy_P7_D2pBe_BTJHxlgMO3GFKlKM_9UoOHGEokanYewbABxA6onuKaBcurHyR8ZAuyS9uJeAy2HH3XKCdbiMcLuzGNEJMf5wYUJdyqzt-AI0JdH4mfI4cCTLMTP1qxDHforxigR08sHLdoVGI55pQQNvfQWacKPNeLbsVvyIAXOXXleQnZPdd_UjdyQkIjub8KdmwuFc97ZSPvGjA-EniONNB_yls1xoOy8qreZIYXBHBZIJY4rJU_EaAw-UROV9WNfEfmlQxelc-CO3A07mMPvWfByD09hs1MJPQXhutf-AfrRonlfocOnX-FQFTLL9SSExaTIuJmFEiewTmXWYg0iBiyHYHv68wFjwY2D-040VczQG23NapJgH7hTckN8hkgsBKc7Yy7Ww7B8UYe-_0TzI7zjjCYpoL8YnSdGwVIFSkZVYFVLG1VCw1Y3NPkrTWHTRnpWbDm5J8X0c4nPC_9fLvrxir9d7jPQN6U6aXccXOMlOifCOAfKGVbLdOvpJL7XuJpfp-YdCRcEQeB94hY9qMlFIx_LdcHUrzLdvWEXC5HqewNP8ctnRsZflOpFaY20-d6IlysdqAMtg55hIVXkdOo2eCoMSvWD25Ma6CtMJOml2NvtRHT98r0qAe5azZZ9f58dWFZ8X62Aea6hBZJfQ_6sedMtq8gR-Mn6TrR4PMUZ2qGikgoLWgaY5KoQVlHbAF0zJpYDXlD0wPrVkSPu9654iVG7fTHT1qJuw039R0aPU8NcTJFm1PCUEiygj0znfWQcQt6pLz7nYDzHJbLTkFIpIVzXP7pR5K3jkVvK70lDJx_YlRRg_X8j07NWjpGy2kxUjrrvr-7WqLiZDWg-Aai5PWRzmZVe2kt0-EQ1tKBNq-pH5E1jYCsetamNOIjp7XiuPeToEG--YhtjkXqm01wkjPIklr7nGIUrZk-XMVswMzg5L09eRnFBzcUOiQ1ZKJvSRUHIq9Y5BoQ_Tz_Na-1-fzLOOd7wGTNcfdQCxXPrC5WvhtkVC3I_2YSp_c16BGDw5DFn6FTYPN2QHEaEAKraqChJWbgzv6R5megcXNT8ArGujPyGgeq4GP1hLBMcshn2jpHZxhoVq1MKxG70zPz5flKy9wa5lp1J44aGVULEwc5OEaMgS4Il8FNY4oX88qE5izUMI0GgmIP7wCNOI7-IuhU1saR2oS7tCTi7C95xCnH1CBfQv-5v8y3kgcETg02lbd3Gby11V6U-LlfVS9_AdAhspQSVnraUsbMUe-wz0uOc7QyxTWCcBKlPCyHn79T_VBXUiJzeBlN6-tXHFOJhilgpkKq_wp3i85QND7NvfnS5KhwTwSK0FkAlAgu-x7BosdfNl0s3jRbdyllDLVej-hvlrPG1wHbdfCkXZZJ3Ok0aerRW3lk0EulPzKMFkdLPINwC5o29RBBJT18gFAa70LR9nlX_aW_F5O1OcrB6bEOnjmBPMSZCtcsd99BdbxtTT1Z4XvfH2Ab1T60CEQXdx1Qte3D_nMmSgRe9PaxGoptqg27KAItyrIJ34sTodkwo6Cc8ooo0mmC0oYxQEIaCjFqpvNj5gqt6u6XNMFE48eUNUiwnI9BdmfMHxIgKysVHHG-JkW5_5FsScG8kwlHlkhYygmAOUPTdGlTXKd0WBxJbephsClJR59e4KNpYUJaKKAnsuFKU64COjC-6cOm_U1FgONiDizmPka9X149yRKYPLcTluQmua2oSoAzN2y_tXhA3FxE9WruBUFrci5zEzPWKiYwx8TJVdhX_Z_LlV43NciRRpEyjdDYCW_fn7ik1mv7ACT3lIxyqfGx5s950SjPFpgw9aLR9SpOi6hqgOGbWZC7faZ-Zs4lPezawSgNo-b5eqaeLQhh-4aTXGJDMbuNzLHItPzR0Fc_-VE5GKhrWCEgvSdQiFh1WU105PCIsgzGtyWdSbNDMwyl8cY9Ir358lzDaqti-SEYU8KE2dZiI8xLb-qUl2vzX3WVwq-1wT2EifYjYmdXdkJ9wFLJVcEBfcAp183Ghg55lVMSZxYag2Z5jKDgellfe5MY5ylO7KxAY-MkgFdvtHnk3aD65gnrpmiNuC3r_aFcc7sOhm87NZQZEH47juVmWBIOWaovLh39YvQEwRWms5i0ICeXckeGyLzzcHGLdk-rAmOS4Yt8zxLJYyJN92bA5BuFQU2VJmaaAd_RVO4FguiC1TeTKXmpruUL16_WaTF55HY7Q_6kHaz29IRcRv-urGhNx53F6qhWw6B9xef5jZ0g49nsMBMuc_8hsPagPbm2DfPKk6ZyT5cuEr4g5D-PXqtl0E3JLfCbBX1pbZtqtV8UNvdqodYCEat5WBZqPzbeIVfG08a80VQqGueR5k6CFOysfWLVXaUjrKZhShDDgQ0p2rxLk709Gauy3_1TKTu9axEGHyNPpsr4nSfwV2JOccYMKDOoeQ_g2oz8ITt5WN-geMoB4n86f1Kxgf_i3f4bqqLo&cid=CAQSPABpAlJWgVciTlpYYNEeDLTNyhjyL5jkVcEK4bczk-o6MCXoa78zMX7RjQ8AWxmUXoldomY9vibZYUC-CxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fs.yam.com%2F&ds=l&xdt=1&iif=1&cor=9768475925974686000&adk=521587874&idt=39&cac=0&dtd=60 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d490ed350b367d08c95a6db88f1c10f19c02aeb141c9bbccbaf94f2caf49d385 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:53 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 38021 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame ECEF Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNSid4kKcTZsk9W3VHQ9Q8&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNSid4kKcTZsk9W3VHQ9Q8&google_cver=1&C=1	43 B 631 B	9ms 5ms	Image image/gif	192.40.39.223 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNSid4kKcTZsk9W3VHQ9Q8&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChCdng4Y-t-6twEwAQ&v=APEucNUS_i-90W2KNR_wQ3EFutOvZeZzugJnPTRDedYhmr-P-WU20e4IqQ96U2Sfi2-r9GgeovRI6JUOAXTq1MdjDouZUlUiKw Protocol HTTP/1.1 Server 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Pragma no-cache Date Sat, 19 Aug 2023 12:40:54 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers Pragma no-cache Date Sat, 19 Aug 2023 12:40:54 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location /rum?cm_dsp_id=45&external_user_id=CAESEFNSid4kKcTZsk9W3VHQ9Q8&google_cver=1&C=1 Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=500 Content-Length 0 Expires 0
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame ECEF Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOC4VmlLTxq0EnafqmHWCwAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNSid4kKcTZsk9W3VHQ9Q8&google_cver=1	43 B 631 B	5ms 5ms	Image image/gif	192.40.39.223 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNSid4kKcTZsk9W3VHQ9Q8&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChCdng4Y-t-6twEwAQ&v=APEucNUS_i-90W2KNR_wQ3EFutOvZeZzugJnPTRDedYhmr-P-WU20e4IqQ96U2Sfi2-r9GgeovRI6JUOAXTq1MdjDouZUlUiKw Protocol HTTP/1.1 Server 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Pragma no-cache Date Sat, 19 Aug 2023 12:40:54 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=498 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNSid4kKcTZsk9W3VHQ9Q8&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame ECEF Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEJI9cK-YfjJyRUia23a70vM&google_cver=1	43 B 841 B	8ms 7ms	Image image/gif	68.67.160.76 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEJI9cK-YfjJyRUia23a70vM&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChCdng4Y-t-6twEwAQ&v=APEucNUS_i-90W2KNR_wQ3EFutOvZeZzugJnPTRDedYhmr-P-WU20e4IqQ96U2Sfi2-r9GgeovRI6JUOAXTq1MdjDouZUlUiKw Protocol H2 Server 68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT an-x-request-uuid c06a5b78-20c3-4acb-a458-75757e6e9472 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 5.181.234.134; 5.181.234.134; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEJI9cK-YfjJyRUia23a70vM&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame ECEF Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2NDYyNzg3NzYyNTAxMjU5Mg%3D%3D	170 B 188 B	23ms 22ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2NDYyNzg3NzYyNTAxMjU5Mg%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChCdng4Y-t-6twEwAQ&v=APEucNUS_i-90W2KNR_wQ3EFutOvZeZzugJnPTRDedYhmr-P-WU20e4IqQ96U2Sfi2-r9GgeovRI6JUOAXTq1MdjDouZUlUiKw Protocol H3 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT an-x-request-uuid 09bc92ba-494f-4a4b-8b3d-8181e488374b server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2NDYyNzg3NzYyNTAxMjU5Mg%3D%3D x-proxy-origin 5.181.234.134; 5.181.234.134; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	privacy_small.svg static.criteo.net/flash/icon/ Frame 04D3	2 KB 1 KB	31ms 8ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy_small.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvoH48mnAA_-PAwiZKL2VLE1ywDnzw&u=%7Ca3dRsPaP2ssFS8nkdHYFZ3qZOw%2BWi5kVMJO8PNxXpXE%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqLJd9E94f8kcqnExVPrgtPvGvPB6oqWxE1KKMEZRXBuBEgcnjn6HdpoN59hHMR0bu70FqWWZbvSXj7PizcnZl9pbR3G302CXEz_bItt8NzDtPBZTcwwtlLRsfOHGNb2bf57Cqk0WJgyaIhPzmbVu61Im5mtgz-99eawBS8tXvrDf8rUUWCoFApwf2IeTtXsssJgPzRC60QHPN2sIkbo4nUB9L9mKeM8tvo2QP1hwwX8EOttyR84uokShDMBFJbbxjCGDfFbwO3_vb7oFw6TuXiRObPvZKK_4PUXzdPUdgPJTtTRmh-gIdfXUe6zNYLNN4kLps2s6YBu8r85SdEiewPgz5AXHvAeK9LGceHtD2rAplkdwuL_oRaK4do4IwF2gDdXJms4tVlly2GUtxQF0eWEgxaQsW-R8v9VNtUYKTf1Ob4UWoJASIsEA6eMwjzo1agx2sQAquOHKQWtAulyJsl-rUsuE3KgxeFPF0Qz8J2L2pTY1xyQDW3lxsDHOq9UPRnopfXZAkUAVL4W1mtdjyO4DLPF5M4UggN4rwpJvNDfkAJy5_5D0QYY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFvfOVLjgZPr9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9DDdvuxSGd5TycJV83J5jh1N-mle01KWYAVYtMaA8w5QzbyWi_C6RH1dLnWe1tAfNoD8EZWWnBt_lYFN1uW3n7C39G2B5srwqgB0LDVTSXj9QrNUKWqnfCJ1o80YMbOaPCxcz6sGmF7VhDOrprGg9nb8BAQCNL778UDSMN70QInmchm2F3DAEKTwYI7fHW7qPzoeypNaGgOC19_7_dKoC_3K6uMCPWEEVW5cweRExPvY6gSXYAG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Mpve7n35fHy7Q1AmYAvXU0HN8PA%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:30:28 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42ba84-6aa" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 13 Aug 2024 12:40:54 GMT
GET H2	200	adchoices_en.svg static.criteo.net/flash/icon/ Frame 04D3	2 KB 1 KB	33ms 11ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/adchoices_en.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvoH48mnAA_-PAwiZKL2VLE1ywDnzw&u=%7Ca3dRsPaP2ssFS8nkdHYFZ3qZOw%2BWi5kVMJO8PNxXpXE%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqLJd9E94f8kcqnExVPrgtPvGvPB6oqWxE1KKMEZRXBuBEgcnjn6HdpoN59hHMR0bu70FqWWZbvSXj7PizcnZl9pbR3G302CXEz_bItt8NzDtPBZTcwwtlLRsfOHGNb2bf57Cqk0WJgyaIhPzmbVu61Im5mtgz-99eawBS8tXvrDf8rUUWCoFApwf2IeTtXsssJgPzRC60QHPN2sIkbo4nUB9L9mKeM8tvo2QP1hwwX8EOttyR84uokShDMBFJbbxjCGDfFbwO3_vb7oFw6TuXiRObPvZKK_4PUXzdPUdgPJTtTRmh-gIdfXUe6zNYLNN4kLps2s6YBu8r85SdEiewPgz5AXHvAeK9LGceHtD2rAplkdwuL_oRaK4do4IwF2gDdXJms4tVlly2GUtxQF0eWEgxaQsW-R8v9VNtUYKTf1Ob4UWoJASIsEA6eMwjzo1agx2sQAquOHKQWtAulyJsl-rUsuE3KgxeFPF0Qz8J2L2pTY1xyQDW3lxsDHOq9UPRnopfXZAkUAVL4W1mtdjyO4DLPF5M4UggN4rwpJvNDfkAJy5_5D0QYY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFvfOVLjgZPr9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9DDdvuxSGd5TycJV83J5jh1N-mle01KWYAVYtMaA8w5QzbyWi_C6RH1dLnWe1tAfNoD8EZWWnBt_lYFN1uW3n7C39G2B5srwqgB0LDVTSXj9QrNUKWqnfCJ1o80YMbOaPCxcz6sGmF7VhDOrprGg9nb8BAQCNL778UDSMN70QInmchm2F3DAEKTwYI7fHW7qPzoeypNaGgOC19_7_dKoC_3K6uMCPWEEVW5cweRExPvY6gSXYAG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Mpve7n35fHy7Q1AmYAvXU0HN8PA%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:27:58 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42b9ee-759" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 13 Aug 2024 12:40:54 GMT
GET H2	200	close_button.svg static.criteo.net/flash/icon/ Frame 04D3	308 B 636 B	10ms 8ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/close_button.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvoH48mnAA_-PAwiZKL2VLE1ywDnzw&u=%7Ca3dRsPaP2ssFS8nkdHYFZ3qZOw%2BWi5kVMJO8PNxXpXE%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqLJd9E94f8kcqnExVPrgtPvGvPB6oqWxE1KKMEZRXBuBEgcnjn6HdpoN59hHMR0bu70FqWWZbvSXj7PizcnZl9pbR3G302CXEz_bItt8NzDtPBZTcwwtlLRsfOHGNb2bf57Cqk0WJgyaIhPzmbVu61Im5mtgz-99eawBS8tXvrDf8rUUWCoFApwf2IeTtXsssJgPzRC60QHPN2sIkbo4nUB9L9mKeM8tvo2QP1hwwX8EOttyR84uokShDMBFJbbxjCGDfFbwO3_vb7oFw6TuXiRObPvZKK_4PUXzdPUdgPJTtTRmh-gIdfXUe6zNYLNN4kLps2s6YBu8r85SdEiewPgz5AXHvAeK9LGceHtD2rAplkdwuL_oRaK4do4IwF2gDdXJms4tVlly2GUtxQF0eWEgxaQsW-R8v9VNtUYKTf1Ob4UWoJASIsEA6eMwjzo1agx2sQAquOHKQWtAulyJsl-rUsuE3KgxeFPF0Qz8J2L2pTY1xyQDW3lxsDHOq9UPRnopfXZAkUAVL4W1mtdjyO4DLPF5M4UggN4rwpJvNDfkAJy5_5D0QYY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFvfOVLjgZPr9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9DDdvuxSGd5TycJV83J5jh1N-mle01KWYAVYtMaA8w5QzbyWi_C6RH1dLnWe1tAfNoD8EZWWnBt_lYFN1uW3n7C39G2B5srwqgB0LDVTSXj9QrNUKWqnfCJ1o80YMbOaPCxcz6sGmF7VhDOrprGg9nb8BAQCNL778UDSMN70QInmchm2F3DAEKTwYI7fHW7qPzoeypNaGgOC19_7_dKoC_3K6uMCPWEEVW5cweRExPvY6gSXYAG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Mpve7n35fHy7Q1AmYAvXU0HN8PA%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT strict-transport-security max-age=31536000; preload; last-modified Fri, 14 Feb 2020 13:51:32 GMT server nginx cross-origin-embedder-policy require-corp etag "5e46a5e4-134" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 308 expires Tue, 13 Aug 2024 12:40:54 GMT
GET H2	200	back_button2.svg static.criteo.net/flash/icon/ Frame 04D3	293 B 621 B	11ms 9ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/back_button2.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvoH48mnAA_-PAwiZKL2VLE1ywDnzw&u=%7Ca3dRsPaP2ssFS8nkdHYFZ3qZOw%2BWi5kVMJO8PNxXpXE%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqLJd9E94f8kcqnExVPrgtPvGvPB6oqWxE1KKMEZRXBuBEgcnjn6HdpoN59hHMR0bu70FqWWZbvSXj7PizcnZl9pbR3G302CXEz_bItt8NzDtPBZTcwwtlLRsfOHGNb2bf57Cqk0WJgyaIhPzmbVu61Im5mtgz-99eawBS8tXvrDf8rUUWCoFApwf2IeTtXsssJgPzRC60QHPN2sIkbo4nUB9L9mKeM8tvo2QP1hwwX8EOttyR84uokShDMBFJbbxjCGDfFbwO3_vb7oFw6TuXiRObPvZKK_4PUXzdPUdgPJTtTRmh-gIdfXUe6zNYLNN4kLps2s6YBu8r85SdEiewPgz5AXHvAeK9LGceHtD2rAplkdwuL_oRaK4do4IwF2gDdXJms4tVlly2GUtxQF0eWEgxaQsW-R8v9VNtUYKTf1Ob4UWoJASIsEA6eMwjzo1agx2sQAquOHKQWtAulyJsl-rUsuE3KgxeFPF0Qz8J2L2pTY1xyQDW3lxsDHOq9UPRnopfXZAkUAVL4W1mtdjyO4DLPF5M4UggN4rwpJvNDfkAJy5_5D0QYY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFvfOVLjgZPr9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9DDdvuxSGd5TycJV83J5jh1N-mle01KWYAVYtMaA8w5QzbyWi_C6RH1dLnWe1tAfNoD8EZWWnBt_lYFN1uW3n7C39G2B5srwqgB0LDVTSXj9QrNUKWqnfCJ1o80YMbOaPCxcz6sGmF7VhDOrprGg9nb8BAQCNL778UDSMN70QInmchm2F3DAEKTwYI7fHW7qPzoeypNaGgOC19_7_dKoC_3K6uMCPWEEVW5cweRExPvY6gSXYAG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Mpve7n35fHy7Q1AmYAvXU0HN8PA%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT strict-transport-security max-age=31536000; preload; last-modified Thu, 28 Apr 2022 09:09:48 GMT server nginx cross-origin-embedder-policy require-corp etag "626a59dc-125" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 293 expires Tue, 13 Aug 2024 12:40:54 GMT
GET H2	200	lg.php cat.va.us.criteo.com/delivery/ Frame 04D3	43 B 348 B	41ms 11ms	Image image/gif	74.119.119.147 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=-TnVTT_HOd5KbAj_gxYNzOudXv_dlP6obEhF5Xb7vHWXvmu5dS5w15o76GsEUUOuJ7rUx-xVY81ZDmHKiCy4xW9s4q4Y1dkfUVo9cFmbo4-EW4ruBJuvB4z3rsbLaiMFUpoCnzsqi-uJ0I5Wu9EN4aAurh8ZtUf6Y7y0-pU7G8ySsAgH9yF71YBVuVf6gUSbSyu6IoXvndrRvmDPTzbCdWkSKxMZuTv0nMAm5h2tDKZObr_cq_6m-3pl5IVDZvkFQ9QCh3PPQ-_zGxFE6KovWfpDziwvX8W05tEHTc3YuLmHxRsgm_svJX5u7ZXd0mpP8keOZIuoA3aCJWd63q0LK6M1TacJsFCQlk6dok60H8hdEBvpw9fH3WyNjnCCIVD0dQjR40ucDZEdtj2REgSck7iyvJXmS-ynC64VCSqMX8S7QGDIWAnKzNyFkcwXFWB2zFR6Hw Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvoH48mnAA_-PAwiZKL2VLE1ywDnzw&u=%7Ca3dRsPaP2ssFS8nkdHYFZ3qZOw%2BWi5kVMJO8PNxXpXE%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqLJd9E94f8kcqnExVPrgtPvGvPB6oqWxE1KKMEZRXBuBEgcnjn6HdpoN59hHMR0bu70FqWWZbvSXj7PizcnZl9pbR3G302CXEz_bItt8NzDtPBZTcwwtlLRsfOHGNb2bf57Cqk0WJgyaIhPzmbVu61Im5mtgz-99eawBS8tXvrDf8rUUWCoFApwf2IeTtXsssJgPzRC60QHPN2sIkbo4nUB9L9mKeM8tvo2QP1hwwX8EOttyR84uokShDMBFJbbxjCGDfFbwO3_vb7oFw6TuXiRObPvZKK_4PUXzdPUdgPJTtTRmh-gIdfXUe6zNYLNN4kLps2s6YBu8r85SdEiewPgz5AXHvAeK9LGceHtD2rAplkdwuL_oRaK4do4IwF2gDdXJms4tVlly2GUtxQF0eWEgxaQsW-R8v9VNtUYKTf1Ob4UWoJASIsEA6eMwjzo1agx2sQAquOHKQWtAulyJsl-rUsuE3KgxeFPF0Qz8J2L2pTY1xyQDW3lxsDHOq9UPRnopfXZAkUAVL4W1mtdjyO4DLPF5M4UggN4rwpJvNDfkAJy5_5D0QYY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFvfOVLjgZPr9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9DDdvuxSGd5TycJV83J5jh1N-mle01KWYAVYtMaA8w5QzbyWi_C6RH1dLnWe1tAfNoD8EZWWnBt_lYFN1uW3n7C39G2B5srwqgB0LDVTSXj9QrNUKWqnfCJ1o80YMbOaPCxcz6sGmF7VhDOrprGg9nb8BAQCNL778UDSMN70QInmchm2F3DAEKTwYI7fHW7qPzoeypNaGgOC19_7_dKoC_3K6uMCPWEEVW5cweRExPvY6gSXYAG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Mpve7n35fHy7Q1AmYAvXU0HN8PA%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.147 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:53 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 1545506 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	/ d.agkn.com/pixel/8538/ Frame 04D3	43 B 564 B	26ms 13ms	Image image/gif	2600:9000:2514:5800:19:fc2c:a140:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.agkn.com/pixel/8538/?che=64e0b855843054a34d8479d4fcbc2d80&col=357080,0,0,0,11280071,64e0b855843054a34d8479d4fcbc2d80 Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvoH48mnAA_-PAwiZKL2VLE1ywDnzw&u=%7Ca3dRsPaP2ssFS8nkdHYFZ3qZOw%2BWi5kVMJO8PNxXpXE%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqLJd9E94f8kcqnExVPrgtPvGvPB6oqWxE1KKMEZRXBuBEgcnjn6HdpoN59hHMR0bu70FqWWZbvSXj7PizcnZl9pbR3G302CXEz_bItt8NzDtPBZTcwwtlLRsfOHGNb2bf57Cqk0WJgyaIhPzmbVu61Im5mtgz-99eawBS8tXvrDf8rUUWCoFApwf2IeTtXsssJgPzRC60QHPN2sIkbo4nUB9L9mKeM8tvo2QP1hwwX8EOttyR84uokShDMBFJbbxjCGDfFbwO3_vb7oFw6TuXiRObPvZKK_4PUXzdPUdgPJTtTRmh-gIdfXUe6zNYLNN4kLps2s6YBu8r85SdEiewPgz5AXHvAeK9LGceHtD2rAplkdwuL_oRaK4do4IwF2gDdXJms4tVlly2GUtxQF0eWEgxaQsW-R8v9VNtUYKTf1Ob4UWoJASIsEA6eMwjzo1agx2sQAquOHKQWtAulyJsl-rUsuE3KgxeFPF0Qz8J2L2pTY1xyQDW3lxsDHOq9UPRnopfXZAkUAVL4W1mtdjyO4DLPF5M4UggN4rwpJvNDfkAJy5_5D0QYY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFvfOVLjgZPr9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9DDdvuxSGd5TycJV83J5jh1N-mle01KWYAVYtMaA8w5QzbyWi_C6RH1dLnWe1tAfNoD8EZWWnBt_lYFN1uW3n7C39G2B5srwqgB0LDVTSXj9QrNUKWqnfCJ1o80YMbOaPCxcz6sGmF7VhDOrprGg9nb8BAQCNL778UDSMN70QInmchm2F3DAEKTwYI7fHW7qPzoeypNaGgOC19_7_dKoC_3K6uMCPWEEVW5cweRExPvY6gSXYAG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Mpve7n35fHy7Q1AmYAvXU0HN8PA%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2514:5800:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:53 GMT via 1.1 6379820fbac3eca5570c58b520f7931e.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P8 x-cache Miss from cloudfront p3p CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-type image/gif cache-control no-cache, must-revalidate content-length 43 x-amz-cf-id 2S8WaQnnUeDmvz_MHQuBw4Z5GnKdonvRdwQgRLA6HDwJIWT2FvOQVg== expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	privacy_small.svg static.criteo.net/flash/icon/ Frame B83D	2 KB 1 KB	10ms 9ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy_small.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvkH48mnAA_-PMV6b9lvVfTzSm-6kg&u=%7Ca3dRsPaP2svghmiyfXn1y4v6pEjnMzT9sKClgigrSGM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqGKpRLPcuLoyrTHbcxv70yxPdda9qhhGlWkqPeotSZj9FhrlrPMThpAW0z11VdubUNGnwTfP8LJw1EkOGic-iP5J1znBJgROtS1gRdNfXUNvB8LbZqQD38NeIFJMso651UArBd1T1FpXM5wRCjh1L2APSxB20KMOJQhyl6sW7yNZexI1KDGd3NHp1e-FBZWbdB7CE025SX2LitKENoa7Rx0lfblHgCagxR02hr2dqs-q3I2uc8-fqVkR5L4Kbhxj6ADM14pnwW52YOUzHfU5H6WQJj9torG7lH0Z8U8VNmRXKVpKFxa1MnIEDCxKCLaKyi64KpitdtlJNWRW_vUfSwyUsdxzpJDnIMuq4WkUpZxkuqY3XYBwCN3Y_iAgBDXJM8G4PZND-SFT8sMZGi8RkRsgsw6By0O5g44pnMC2EkIFH5iUyykm_68W2DD9O2N-BQ_lBqRbAc8j8AKPovjwWRk5dw6LimmDwnsGcj15JfuESSeLDs9iSHXc3N0uK8Qg7gv59x9f1BgnbDsxo4cCvP0XLQ0AcElRkoKa7a4MQl_w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEjdIVLjgZPn9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9AG0oOCvayUGoDo931BlKE7U6UW1j2oTR0cMVIVrwEJMtcu9TDPtCvd6PqlFakG5DUlRKF4HYRNPOmD0YqJv1HzCMU5yR2vPSk5wPio2P1zh3iJpFGCahdzj69_DRdpN1sp-a6XbGzaDJrWswOgUk_i_GPXnHLW-MNunGJd-FEugPMZ-QNnIqjFwZRytmbLLIKIfKOOZfwuH8Q4oWklqlHOH9ktoT69FHZ6CqEXfZYOfbVQV4AG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0aqCaG-RQxLGdjmn5wGAE4ghXQgw%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:30:28 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42ba84-6aa" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 13 Aug 2024 12:40:54 GMT
GET H2	200	adchoices_en.svg static.criteo.net/flash/icon/ Frame B83D	2 KB 1 KB	11ms 10ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/adchoices_en.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvkH48mnAA_-PMV6b9lvVfTzSm-6kg&u=%7Ca3dRsPaP2svghmiyfXn1y4v6pEjnMzT9sKClgigrSGM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqGKpRLPcuLoyrTHbcxv70yxPdda9qhhGlWkqPeotSZj9FhrlrPMThpAW0z11VdubUNGnwTfP8LJw1EkOGic-iP5J1znBJgROtS1gRdNfXUNvB8LbZqQD38NeIFJMso651UArBd1T1FpXM5wRCjh1L2APSxB20KMOJQhyl6sW7yNZexI1KDGd3NHp1e-FBZWbdB7CE025SX2LitKENoa7Rx0lfblHgCagxR02hr2dqs-q3I2uc8-fqVkR5L4Kbhxj6ADM14pnwW52YOUzHfU5H6WQJj9torG7lH0Z8U8VNmRXKVpKFxa1MnIEDCxKCLaKyi64KpitdtlJNWRW_vUfSwyUsdxzpJDnIMuq4WkUpZxkuqY3XYBwCN3Y_iAgBDXJM8G4PZND-SFT8sMZGi8RkRsgsw6By0O5g44pnMC2EkIFH5iUyykm_68W2DD9O2N-BQ_lBqRbAc8j8AKPovjwWRk5dw6LimmDwnsGcj15JfuESSeLDs9iSHXc3N0uK8Qg7gv59x9f1BgnbDsxo4cCvP0XLQ0AcElRkoKa7a4MQl_w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEjdIVLjgZPn9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9AG0oOCvayUGoDo931BlKE7U6UW1j2oTR0cMVIVrwEJMtcu9TDPtCvd6PqlFakG5DUlRKF4HYRNPOmD0YqJv1HzCMU5yR2vPSk5wPio2P1zh3iJpFGCahdzj69_DRdpN1sp-a6XbGzaDJrWswOgUk_i_GPXnHLW-MNunGJd-FEugPMZ-QNnIqjFwZRytmbLLIKIfKOOZfwuH8Q4oWklqlHOH9ktoT69FHZ6CqEXfZYOfbVQV4AG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0aqCaG-RQxLGdjmn5wGAE4ghXQgw%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:27:58 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42b9ee-759" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 13 Aug 2024 12:40:54 GMT
GET H2	200	close_button.svg static.criteo.net/flash/icon/ Frame B83D	308 B 636 B	20ms 18ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/close_button.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvkH48mnAA_-PMV6b9lvVfTzSm-6kg&u=%7Ca3dRsPaP2svghmiyfXn1y4v6pEjnMzT9sKClgigrSGM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqGKpRLPcuLoyrTHbcxv70yxPdda9qhhGlWkqPeotSZj9FhrlrPMThpAW0z11VdubUNGnwTfP8LJw1EkOGic-iP5J1znBJgROtS1gRdNfXUNvB8LbZqQD38NeIFJMso651UArBd1T1FpXM5wRCjh1L2APSxB20KMOJQhyl6sW7yNZexI1KDGd3NHp1e-FBZWbdB7CE025SX2LitKENoa7Rx0lfblHgCagxR02hr2dqs-q3I2uc8-fqVkR5L4Kbhxj6ADM14pnwW52YOUzHfU5H6WQJj9torG7lH0Z8U8VNmRXKVpKFxa1MnIEDCxKCLaKyi64KpitdtlJNWRW_vUfSwyUsdxzpJDnIMuq4WkUpZxkuqY3XYBwCN3Y_iAgBDXJM8G4PZND-SFT8sMZGi8RkRsgsw6By0O5g44pnMC2EkIFH5iUyykm_68W2DD9O2N-BQ_lBqRbAc8j8AKPovjwWRk5dw6LimmDwnsGcj15JfuESSeLDs9iSHXc3N0uK8Qg7gv59x9f1BgnbDsxo4cCvP0XLQ0AcElRkoKa7a4MQl_w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEjdIVLjgZPn9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9AG0oOCvayUGoDo931BlKE7U6UW1j2oTR0cMVIVrwEJMtcu9TDPtCvd6PqlFakG5DUlRKF4HYRNPOmD0YqJv1HzCMU5yR2vPSk5wPio2P1zh3iJpFGCahdzj69_DRdpN1sp-a6XbGzaDJrWswOgUk_i_GPXnHLW-MNunGJd-FEugPMZ-QNnIqjFwZRytmbLLIKIfKOOZfwuH8Q4oWklqlHOH9ktoT69FHZ6CqEXfZYOfbVQV4AG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0aqCaG-RQxLGdjmn5wGAE4ghXQgw%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT strict-transport-security max-age=31536000; preload; last-modified Fri, 14 Feb 2020 13:51:32 GMT server nginx cross-origin-embedder-policy require-corp etag "5e46a5e4-134" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 308 expires Tue, 13 Aug 2024 12:40:54 GMT
GET H2	200	back_button2.svg static.criteo.net/flash/icon/ Frame B83D	293 B 621 B	10ms 8ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/back_button2.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvkH48mnAA_-PMV6b9lvVfTzSm-6kg&u=%7Ca3dRsPaP2svghmiyfXn1y4v6pEjnMzT9sKClgigrSGM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqGKpRLPcuLoyrTHbcxv70yxPdda9qhhGlWkqPeotSZj9FhrlrPMThpAW0z11VdubUNGnwTfP8LJw1EkOGic-iP5J1znBJgROtS1gRdNfXUNvB8LbZqQD38NeIFJMso651UArBd1T1FpXM5wRCjh1L2APSxB20KMOJQhyl6sW7yNZexI1KDGd3NHp1e-FBZWbdB7CE025SX2LitKENoa7Rx0lfblHgCagxR02hr2dqs-q3I2uc8-fqVkR5L4Kbhxj6ADM14pnwW52YOUzHfU5H6WQJj9torG7lH0Z8U8VNmRXKVpKFxa1MnIEDCxKCLaKyi64KpitdtlJNWRW_vUfSwyUsdxzpJDnIMuq4WkUpZxkuqY3XYBwCN3Y_iAgBDXJM8G4PZND-SFT8sMZGi8RkRsgsw6By0O5g44pnMC2EkIFH5iUyykm_68W2DD9O2N-BQ_lBqRbAc8j8AKPovjwWRk5dw6LimmDwnsGcj15JfuESSeLDs9iSHXc3N0uK8Qg7gv59x9f1BgnbDsxo4cCvP0XLQ0AcElRkoKa7a4MQl_w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEjdIVLjgZPn9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9AG0oOCvayUGoDo931BlKE7U6UW1j2oTR0cMVIVrwEJMtcu9TDPtCvd6PqlFakG5DUlRKF4HYRNPOmD0YqJv1HzCMU5yR2vPSk5wPio2P1zh3iJpFGCahdzj69_DRdpN1sp-a6XbGzaDJrWswOgUk_i_GPXnHLW-MNunGJd-FEugPMZ-QNnIqjFwZRytmbLLIKIfKOOZfwuH8Q4oWklqlHOH9ktoT69FHZ6CqEXfZYOfbVQV4AG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0aqCaG-RQxLGdjmn5wGAE4ghXQgw%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT strict-transport-security max-age=31536000; preload; last-modified Thu, 28 Apr 2022 09:09:48 GMT server nginx cross-origin-embedder-policy require-corp etag "626a59dc-125" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 293 expires Tue, 13 Aug 2024 12:40:54 GMT
GET H2	200	lg.php cat.va.us.criteo.com/delivery/ Frame B83D	43 B 347 B	19ms 11ms	Image image/gif	74.119.119.147 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=33UWtD_HOd5KbAj_gxYNzOudXv-bO9ISdHNv465z99hBNQEIMVsxDXKV88pXGXhbWBrVAJnAi25aUQm3VPWsHTFzww1f94zY5M4qSTsd8tagCoDDiLrn218jcKOQBuLez9OWdkeIm8Gdbw3bljUC_UgPAIbblXB21mikRpEx_yBHpdMzIssVNMPmE2YDmqf6VwWv26QRCJynGKNqvN7LofkZ2MqSXHp8KB-Ppz5I3Q-ukAqMckp9E2n1o-VMAgIPtbHN8jknDv-q8sF3Gn842nqQL-LG5XxJ3_SLqY5I6Y04th9SO2WgX2Q_3nbqpHhhEoUV95JwUP0davT5T-H4Hd57yCYax8aBphYkWpZ9V1wbsSTz82FDsRCrHGS71GYpyCKcWfnz9TxwQGTQ64PHEEtUFaCMW9t4QQhmMlBQVkAkZMJIpz_BUoRa7AYknxQ2Wu_v2w7juFhkggwpqts-UVhlQho Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvkH48mnAA_-PMV6b9lvVfTzSm-6kg&u=%7Ca3dRsPaP2svghmiyfXn1y4v6pEjnMzT9sKClgigrSGM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqGKpRLPcuLoyrTHbcxv70yxPdda9qhhGlWkqPeotSZj9FhrlrPMThpAW0z11VdubUNGnwTfP8LJw1EkOGic-iP5J1znBJgROtS1gRdNfXUNvB8LbZqQD38NeIFJMso651UArBd1T1FpXM5wRCjh1L2APSxB20KMOJQhyl6sW7yNZexI1KDGd3NHp1e-FBZWbdB7CE025SX2LitKENoa7Rx0lfblHgCagxR02hr2dqs-q3I2uc8-fqVkR5L4Kbhxj6ADM14pnwW52YOUzHfU5H6WQJj9torG7lH0Z8U8VNmRXKVpKFxa1MnIEDCxKCLaKyi64KpitdtlJNWRW_vUfSwyUsdxzpJDnIMuq4WkUpZxkuqY3XYBwCN3Y_iAgBDXJM8G4PZND-SFT8sMZGi8RkRsgsw6By0O5g44pnMC2EkIFH5iUyykm_68W2DD9O2N-BQ_lBqRbAc8j8AKPovjwWRk5dw6LimmDwnsGcj15JfuESSeLDs9iSHXc3N0uK8Qg7gv59x9f1BgnbDsxo4cCvP0XLQ0AcElRkoKa7a4MQl_w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEjdIVLjgZPn9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9AG0oOCvayUGoDo931BlKE7U6UW1j2oTR0cMVIVrwEJMtcu9TDPtCvd6PqlFakG5DUlRKF4HYRNPOmD0YqJv1HzCMU5yR2vPSk5wPio2P1zh3iJpFGCahdzj69_DRdpN1sp-a6XbGzaDJrWswOgUk_i_GPXnHLW-MNunGJd-FEugPMZ-QNnIqjFwZRytmbLLIKIfKOOZfwuH8Q4oWklqlHOH9ktoT69FHZ6CqEXfZYOfbVQV4AG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0aqCaG-RQxLGdjmn5wGAE4ghXQgw%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.147 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:53 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 1777464 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	/ d.agkn.com/pixel/8538/ Frame B83D	43 B 560 B	17ms 16ms	Image image/gif	2600:9000:2514:5800:19:fc2c:a140:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.agkn.com/pixel/8538/?che=64e0b8559eb1a5e1d539e68c6519c619&col=357080,0,0,0,11280071,64e0b8559eb1a5e1d539e68c6519c619 Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvkH48mnAA_-PMV6b9lvVfTzSm-6kg&u=%7Ca3dRsPaP2svghmiyfXn1y4v6pEjnMzT9sKClgigrSGM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqGKpRLPcuLoyrTHbcxv70yxPdda9qhhGlWkqPeotSZj9FhrlrPMThpAW0z11VdubUNGnwTfP8LJw1EkOGic-iP5J1znBJgROtS1gRdNfXUNvB8LbZqQD38NeIFJMso651UArBd1T1FpXM5wRCjh1L2APSxB20KMOJQhyl6sW7yNZexI1KDGd3NHp1e-FBZWbdB7CE025SX2LitKENoa7Rx0lfblHgCagxR02hr2dqs-q3I2uc8-fqVkR5L4Kbhxj6ADM14pnwW52YOUzHfU5H6WQJj9torG7lH0Z8U8VNmRXKVpKFxa1MnIEDCxKCLaKyi64KpitdtlJNWRW_vUfSwyUsdxzpJDnIMuq4WkUpZxkuqY3XYBwCN3Y_iAgBDXJM8G4PZND-SFT8sMZGi8RkRsgsw6By0O5g44pnMC2EkIFH5iUyykm_68W2DD9O2N-BQ_lBqRbAc8j8AKPovjwWRk5dw6LimmDwnsGcj15JfuESSeLDs9iSHXc3N0uK8Qg7gv59x9f1BgnbDsxo4cCvP0XLQ0AcElRkoKa7a4MQl_w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEjdIVLjgZPn9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9AG0oOCvayUGoDo931BlKE7U6UW1j2oTR0cMVIVrwEJMtcu9TDPtCvd6PqlFakG5DUlRKF4HYRNPOmD0YqJv1HzCMU5yR2vPSk5wPio2P1zh3iJpFGCahdzj69_DRdpN1sp-a6XbGzaDJrWswOgUk_i_GPXnHLW-MNunGJd-FEugPMZ-QNnIqjFwZRytmbLLIKIfKOOZfwuH8Q4oWklqlHOH9ktoT69FHZ6CqEXfZYOfbVQV4AG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0aqCaG-RQxLGdjmn5wGAE4ghXQgw%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2514:5800:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:53 GMT via 1.1 6379820fbac3eca5570c58b520f7931e.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P8 x-cache Miss from cloudfront p3p CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-type image/gif cache-control no-cache, must-revalidate content-length 43 x-amz-cf-id AWSyr3nxLtq3HF8A9v7en9hrUWPWoWLa_wR51pTmBiCqWy1JNeBVeA== expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	webfontloader.js Show response cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 04D3	12 KB 5 KB	33ms 20ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvoH48mnAA_-PAwiZKL2VLE1ywDnzw&u=%7Ca3dRsPaP2ssFS8nkdHYFZ3qZOw%2BWi5kVMJO8PNxXpXE%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqLJd9E94f8kcqnExVPrgtPvGvPB6oqWxE1KKMEZRXBuBEgcnjn6HdpoN59hHMR0bu70FqWWZbvSXj7PizcnZl9pbR3G302CXEz_bItt8NzDtPBZTcwwtlLRsfOHGNb2bf57Cqk0WJgyaIhPzmbVu61Im5mtgz-99eawBS8tXvrDf8rUUWCoFApwf2IeTtXsssJgPzRC60QHPN2sIkbo4nUB9L9mKeM8tvo2QP1hwwX8EOttyR84uokShDMBFJbbxjCGDfFbwO3_vb7oFw6TuXiRObPvZKK_4PUXzdPUdgPJTtTRmh-gIdfXUe6zNYLNN4kLps2s6YBu8r85SdEiewPgz5AXHvAeK9LGceHtD2rAplkdwuL_oRaK4do4IwF2gDdXJms4tVlly2GUtxQF0eWEgxaQsW-R8v9VNtUYKTf1Ob4UWoJASIsEA6eMwjzo1agx2sQAquOHKQWtAulyJsl-rUsuE3KgxeFPF0Qz8J2L2pTY1xyQDW3lxsDHOq9UPRnopfXZAkUAVL4W1mtdjyO4DLPF5M4UggN4rwpJvNDfkAJy5_5D0QYY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFvfOVLjgZPr9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9DDdvuxSGd5TycJV83J5jh1N-mle01KWYAVYtMaA8w5QzbyWi_C6RH1dLnWe1tAfNoD8EZWWnBt_lYFN1uW3n7C39G2B5srwqgB0LDVTSXj9QrNUKWqnfCJ1o80YMbOaPCxcz6sGmF7VhDOrprGg9nb8BAQCNL778UDSMN70QInmchm2F3DAEKTwYI7fHW7qPzoeypNaGgOC19_7_dKoC_3K6uMCPWEEVW5cweRExPvY6gSXYAG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Mpve7n35fHy7Q1AmYAvXU0HN8PA%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 328311 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 4418 last-modified Thu, 22 Jun 2023 11:22:44 GMT server cloudflare cf-cdnjs-via cfworker/r2 etag "64942f04-1142" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMSppVhUs84lM%2B7q7qNIDHxlAQHwjryEvJbA%2B%2FA7BkCa8TD8lBaO5V%2BShQzmme2RyUxIAU3I5iMVdNwS%2FGQMLY1NT7yX6wyyXfvpH%2BXA%2B9oUyngAMr7ESIu71nr%2BivCNKpiH%2BEBTXp5ro%2BjCEeO0d7Dn"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7f9277ba294a8c7d-EWR expires Thu, 08 Aug 2024 12:40:54 GMT
GET H2	200	animejs.js Show response static.criteo.net/animejs/ Frame 04D3	12 KB 6 KB	9ms 9ms	Script text/javascript	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/animejs/animejs.js Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvoH48mnAA_-PAwiZKL2VLE1ywDnzw&u=%7Ca3dRsPaP2ssFS8nkdHYFZ3qZOw%2BWi5kVMJO8PNxXpXE%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqLJd9E94f8kcqnExVPrgtPvGvPB6oqWxE1KKMEZRXBuBEgcnjn6HdpoN59hHMR0bu70FqWWZbvSXj7PizcnZl9pbR3G302CXEz_bItt8NzDtPBZTcwwtlLRsfOHGNb2bf57Cqk0WJgyaIhPzmbVu61Im5mtgz-99eawBS8tXvrDf8rUUWCoFApwf2IeTtXsssJgPzRC60QHPN2sIkbo4nUB9L9mKeM8tvo2QP1hwwX8EOttyR84uokShDMBFJbbxjCGDfFbwO3_vb7oFw6TuXiRObPvZKK_4PUXzdPUdgPJTtTRmh-gIdfXUe6zNYLNN4kLps2s6YBu8r85SdEiewPgz5AXHvAeK9LGceHtD2rAplkdwuL_oRaK4do4IwF2gDdXJms4tVlly2GUtxQF0eWEgxaQsW-R8v9VNtUYKTf1Ob4UWoJASIsEA6eMwjzo1agx2sQAquOHKQWtAulyJsl-rUsuE3KgxeFPF0Qz8J2L2pTY1xyQDW3lxsDHOq9UPRnopfXZAkUAVL4W1mtdjyO4DLPF5M4UggN4rwpJvNDfkAJy5_5D0QYY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFvfOVLjgZPr9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9DDdvuxSGd5TycJV83J5jh1N-mle01KWYAVYtMaA8w5QzbyWi_C6RH1dLnWe1tAfNoD8EZWWnBt_lYFN1uW3n7C39G2B5srwqgB0LDVTSXj9QrNUKWqnfCJ1o80YMbOaPCxcz6sGmF7VhDOrprGg9nb8BAQCNL778UDSMN70QInmchm2F3DAEKTwYI7fHW7qPzoeypNaGgOC19_7_dKoC_3K6uMCPWEEVW5cweRExPvY6gSXYAG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Mpve7n35fHy7Q1AmYAvXU0HN8PA%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 26 Mar 2019 17:44:11 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5c9a64eb-3181" content-type text/javascript access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 13 Aug 2024 12:40:54 GMT
GET H2	200	webfontloader.js Show response cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame B83D	12 KB 5 KB	11ms 11ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvkH48mnAA_-PMV6b9lvVfTzSm-6kg&u=%7Ca3dRsPaP2svghmiyfXn1y4v6pEjnMzT9sKClgigrSGM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqGKpRLPcuLoyrTHbcxv70yxPdda9qhhGlWkqPeotSZj9FhrlrPMThpAW0z11VdubUNGnwTfP8LJw1EkOGic-iP5J1znBJgROtS1gRdNfXUNvB8LbZqQD38NeIFJMso651UArBd1T1FpXM5wRCjh1L2APSxB20KMOJQhyl6sW7yNZexI1KDGd3NHp1e-FBZWbdB7CE025SX2LitKENoa7Rx0lfblHgCagxR02hr2dqs-q3I2uc8-fqVkR5L4Kbhxj6ADM14pnwW52YOUzHfU5H6WQJj9torG7lH0Z8U8VNmRXKVpKFxa1MnIEDCxKCLaKyi64KpitdtlJNWRW_vUfSwyUsdxzpJDnIMuq4WkUpZxkuqY3XYBwCN3Y_iAgBDXJM8G4PZND-SFT8sMZGi8RkRsgsw6By0O5g44pnMC2EkIFH5iUyykm_68W2DD9O2N-BQ_lBqRbAc8j8AKPovjwWRk5dw6LimmDwnsGcj15JfuESSeLDs9iSHXc3N0uK8Qg7gv59x9f1BgnbDsxo4cCvP0XLQ0AcElRkoKa7a4MQl_w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEjdIVLjgZPn9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9AG0oOCvayUGoDo931BlKE7U6UW1j2oTR0cMVIVrwEJMtcu9TDPtCvd6PqlFakG5DUlRKF4HYRNPOmD0YqJv1HzCMU5yR2vPSk5wPio2P1zh3iJpFGCahdzj69_DRdpN1sp-a6XbGzaDJrWswOgUk_i_GPXnHLW-MNunGJd-FEugPMZ-QNnIqjFwZRytmbLLIKIfKOOZfwuH8Q4oWklqlHOH9ktoT69FHZ6CqEXfZYOfbVQV4AG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0aqCaG-RQxLGdjmn5wGAE4ghXQgw%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 328311 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 4418 last-modified Thu, 22 Jun 2023 11:22:44 GMT server cloudflare cf-cdnjs-via cfworker/r2 etag "64942f04-1142" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oiZKF6uGgPG9akjKOm8jKq8dHLXltO1U7GW%2BhK2WgfCvIsrG5PpDkt6MvGkM%2B31xpRwuSdz85Xt3oPL5brDuVxOEEg51bm6vvo5mpDI1nBRoyBmbxsb5fboP9J%2BEl1Gr6nsUiJmpuqSUnAt8IdIk1kFe"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7f9277ba395c8c7d-EWR expires Thu, 08 Aug 2024 12:40:54 GMT
GET H2	200	animejs.js Show response static.criteo.net/animejs/ Frame B83D	12 KB 6 KB	16ms 15ms	Script text/javascript	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/animejs/animejs.js Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvkH48mnAA_-PMV6b9lvVfTzSm-6kg&u=%7Ca3dRsPaP2svghmiyfXn1y4v6pEjnMzT9sKClgigrSGM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqGKpRLPcuLoyrTHbcxv70yxPdda9qhhGlWkqPeotSZj9FhrlrPMThpAW0z11VdubUNGnwTfP8LJw1EkOGic-iP5J1znBJgROtS1gRdNfXUNvB8LbZqQD38NeIFJMso651UArBd1T1FpXM5wRCjh1L2APSxB20KMOJQhyl6sW7yNZexI1KDGd3NHp1e-FBZWbdB7CE025SX2LitKENoa7Rx0lfblHgCagxR02hr2dqs-q3I2uc8-fqVkR5L4Kbhxj6ADM14pnwW52YOUzHfU5H6WQJj9torG7lH0Z8U8VNmRXKVpKFxa1MnIEDCxKCLaKyi64KpitdtlJNWRW_vUfSwyUsdxzpJDnIMuq4WkUpZxkuqY3XYBwCN3Y_iAgBDXJM8G4PZND-SFT8sMZGi8RkRsgsw6By0O5g44pnMC2EkIFH5iUyykm_68W2DD9O2N-BQ_lBqRbAc8j8AKPovjwWRk5dw6LimmDwnsGcj15JfuESSeLDs9iSHXc3N0uK8Qg7gv59x9f1BgnbDsxo4cCvP0XLQ0AcElRkoKa7a4MQl_w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEjdIVLjgZPn9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9AG0oOCvayUGoDo931BlKE7U6UW1j2oTR0cMVIVrwEJMtcu9TDPtCvd6PqlFakG5DUlRKF4HYRNPOmD0YqJv1HzCMU5yR2vPSk5wPio2P1zh3iJpFGCahdzj69_DRdpN1sp-a6XbGzaDJrWswOgUk_i_GPXnHLW-MNunGJd-FEugPMZ-QNnIqjFwZRytmbLLIKIfKOOZfwuH8Q4oWklqlHOH9ktoT69FHZ6CqEXfZYOfbVQV4AG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0aqCaG-RQxLGdjmn5wGAE4ghXQgw%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 26 Mar 2019 17:44:11 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5c9a64eb-3181" content-type text/javascript access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 13 Aug 2024 12:40:54 GMT
GET H2	200	dpixel cms.quantserve.com/ Frame 22EC	35 B 465 B	76ms 12ms	Image image/gif	2620:116:800b:21:1456:d0e1:7db4:a56b AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECjWpZKd0VFAK9_3L2G7GBk&google_cver=1&google_push=AXcoOmTx1XopfDQ5wLjUNcnwK9eT1rNycrMwRikpcgaGF7aaAJ3U1F7tEl9nHKcT2Ofy5AETlsWWQqP-Xg336lqfkiD40vfvqitbhg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 22EC Redirect Chain https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEMHXbg-3oBQxOE_QSXE5KLQ&google_cver=1&google_push=AXcoOmSKYIqFM87-G4rNPxSOP471s7aIu3VaMTZ_VQxGD2rjXHm6mwbgD1MF2v32sNhEZoQTb8c2E... https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSKYIqFM87-G4rNPxSOP471s7aIu3VaMTZ_VQxGD2rjXHm6mwbgD1MF2v32sNhEZoQTb8c2EvnIzWZ2hAXyrwIk0ja3PrJNCQ	170 B 188 B	22ms 22ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSKYIqFM87-G4rNPxSOP471s7aIu3VaMTZ_VQxGD2rjXHm6mwbgD1MF2v32sNhEZoQTb8c2EvnIzWZ2hAXyrwIk0ja3PrJNCQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sat, 19 Aug 2023 12:40:53 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 7FE2C661082E4D1F82B3C29B47909910 Ref B: EWR311000107047 Ref C: 2023-08-19T12:40:54Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 location https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSKYIqFM87-G4rNPxSOP471s7aIu3VaMTZ_VQxGD2rjXHm6mwbgD1MF2v32sNhEZoQTb8c2EvnIzWZ2hAXyrwIk0ja3PrJNCQ x-li-proto http/2 content-length 0 x-li-uuid AAYDRfTBDByUOF1UHXU6ZA==
GET H3	200	pixel cm.g.doubleclick.net/ Frame 22EC Redirect Chain https://fksnk.com/cs/google?google_gid=CAESEPp_3TC9W9e5Ofb9KbM_uHQ&google_cver=1&google_push=AXcoOmS-yh_BxniA6B3q51I2jmG-kR-Pd9j6oNzaheeJ_nJy8xBXq2W_QaavlFgb9Q1xjYPAgOYun_aa1HCeqKNAcpDaeVxukQfl https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MUU0QjUzRkU2OEYzMTNDOA==	170 B 188 B	28ms 21ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MUU0QjUzRkU2OEYzMTNDOA== Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MUU0QjUzRkU2OEYzMTNDOA== date Sat, 19 Aug 2023 12:40:54 GMT content-language en-US content-type text/html;charset=ISO-8859-1
GET H3	200	pixel cm.g.doubleclick.net/ Frame 22EC Redirect Chain https://ums.acuityplatform.com/tum?umid=4&uid=CAESEILFgQq2gcZ2bYYZgRzEPnY&google_cver=1&google_push=AXcoOmT4MTFah6KlUKwc_CAU1al22MCybNYM3STNcXzn1X-bUveOhQ_yQtWogT7pHG4gxYXLJer8f8QlSgoHooe8A_t07NxG9... https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=815790472113	170 B 188 B	27ms 26ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=815790472113 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=815790472113 Content-Length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 22EC Redirect Chain https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENLGXlIE2QQ37E-DbASM4wQ&google_cver=1&google_push=AXcoOmRpFK0PSAKVeACcaCU5147iN4gCXD2Ozsz4wcv8taQknIYM6dB7Kwl5pY5cKr_VoVienERGMb9kEh9INqsMm1nJ... https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENLGXlIE2QQ37E-DbASM4wQ&google_cver=1&google_push=AXcoOmRpFK0PSAKVeACcaCU5147iN4gCXD2Ozsz4wcv8taQknIYM6dB7Kwl5pY5cKr_VoVienERGMb9kEh9INq... https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent= https://x.bidswitch.net/sync?dsp_id=119&user_id=969188718339196429&expires=30&ssp=google https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRpFK0PSAKVeACcaCU5147iN4gCXD2Ozsz4wcv8taQknIYM6dB7Kwl5pY5cKr_VoVienERGMb9kEh9INqsMm1nJBLz3j1SbNA&google_hm=CK2pxqBLRuqSFDfRrqCVJQ==	170 B 188 B	23ms 22ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRpFK0PSAKVeACcaCU5147iN4gCXD2Ozsz4wcv8taQknIYM6dB7Kwl5pY5cKr_VoVienERGMb9kEh9INqsMm1nJBLz3j1SbNA&google_hm=CK2pxqBLRuqSFDfRrqCVJQ== Protocol H3 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRpFK0PSAKVeACcaCU5147iN4gCXD2Ozsz4wcv8taQknIYM6dB7Kwl5pY5cKr_VoVienERGMb9kEh9INqsMm1nJBLz3j1SbNA&google_hm=CK2pxqBLRuqSFDfRrqCVJQ== Date Sat, 19 Aug 2023 12:40:54 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 22EC Redirect Chain https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHHvv9MpL57J09mVJ_r7JZw&google_cver=1&google_push=AXcoOmQ8QNQh_R040wXJKhK5dGtKlsxCoJlPSzAlbCl7sd3ueFbK7Z1gw2zqUDlLSZXrLsAuXEzPSD4jTWzOpwh... https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=TsQVy5XhU41iMArRnN9PSgW16oY&google_push=AXcoOmQ8QNQh_R040wXJKhK5dGtKlsxCoJlPSzAlbCl7sd3ueFbK7Z1gw2zqUDlLSZXrLsAuXEzPSD4jTWzOpw...	170 B 188 B	22ms 21ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=TsQVy5XhU41iMArRnN9PSgW16oY&google_push=AXcoOmQ8QNQh_R040wXJKhK5dGtKlsxCoJlPSzAlbCl7sd3ueFbK7Z1gw2zqUDlLSZXrLsAuXEzPSD4jTWzOpwhzHDQMlwCDXvmfWw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=TsQVy5XhU41iMArRnN9PSgW16oY&google_push=AXcoOmQ8QNQh_R040wXJKhK5dGtKlsxCoJlPSzAlbCl7sd3ueFbK7Z1gw2zqUDlLSZXrLsAuXEzPSD4jTWzOpwhzHDQMlwCDXvmfWw Date Sat, 19 Aug 2023 12:40:54 GMT Connection keep-alive Content-Length 244 Content-Type text/html; charset=utf-8
GET H3	200	pixel cm.g.doubleclick.net/ Frame 22EC Redirect Chain https://trace.mediago.io/cs/google?google_gid=CAESEMT6xYthg6e3CtPe_mh3Osw&google_cver=1&google_push=AXcoOmQJJBUzmVBASjs9nYYBhYJYOp44fHzMUZFOeXriSRMSGQnjUnHoRyAcqdSqCP5RrVFuz9ykTj4LeTVmpjPl40touAcu7... https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQJJBUzmVBASjs9nYYBhYJYOp44fHzMUZFOeXriSRMSGQnjUnHoRyAcqdSqCP5RrVFuz9ykTj4LeTVmpjPl40touAcu7QKKFw8&google_hm=907a809f16b...	170 B 188 B	21ms 21ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQJJBUzmVBASjs9nYYBhYJYOp44fHzMUZFOeXriSRMSGQnjUnHoRyAcqdSqCP5RrVFuz9ykTj4LeTVmpjPl40touAcu7QKKFw8&google_hm=907a809f16bf23a6344ea343335e3c4b Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQJJBUzmVBASjs9nYYBhYJYOp44fHzMUZFOeXriSRMSGQnjUnHoRyAcqdSqCP5RrVFuz9ykTj4LeTVmpjPl40touAcu7QKKFw8&google_hm=907a809f16bf23a6344ea343335e3c4b date Sat, 19 Aug 2023 12:40:54 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 249 content-type text/html; charset=utf-8
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 22EC	0 12 B	21ms 20ms	Image text/html	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LiA5uWHI3FyUP4Rk_Ceeb34DAPyuIA8pG5p1vg2CPwdEIsN8WkrRpTVRYWDQgLGceBN8NP7g Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	/ r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9F3C Redirect Chain https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHvxv2meAbW9bubkPX172ig&google_cver=1&google_push=AXcoOmSkdaMaN5FmcHG63cw1wQSEyF5QO9WcxTYb7BdtTBaSNz7V5A1OEbcz7hqP7n8ULuTX_TtLacukgvzBrNP_3ERLqZPUggiQf70 https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzgyMDUzMTc2MjcxOTg3NjU4Ng==&gdpr=&gdpr_consent= https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHvxv2meAbW9bubkPX172ig&google_cver=1	43 B 398 B	113ms 26ms	Image image/gif	2620:112:f002:bbbb::21 TURN-US-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHvxv2meAbW9bubkPX172ig&google_cver=1 Protocol H2 Server 2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US), Reverse DNS Software / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers content-type image/gif pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 43 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" Redirect headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHvxv2meAbW9bubkPX172ig&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9F3C Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECAlt1s8wyV85ZQp7bONjHI&google_cver=1&google_push=AXcoOmQT-zzw4eYn6aHVvYBeUhdjhd-xkfXTqx15C7FlOmDaZu8Az2khwkAmmH65PQwYYN6ESyW82tSA-ts-noBI... https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mvRk4LhWSgCmbJ6c36LXCA&google_push=AXcoOmQT-zzw4eYn6aHVvYBeUhdjhd-xkfXTqx15C7FlOmDaZu8Az2khwkAmmH65PQwYYN6ESyW82tSA-ts-noBIYYEt0fDQ...	170 B 188 B	24ms 22ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mvRk4LhWSgCmbJ6c36LXCA&google_push=AXcoOmQT-zzw4eYn6aHVvYBeUhdjhd-xkfXTqx15C7FlOmDaZu8Az2khwkAmmH65PQwYYN6ESyW82tSA-ts-noBIYYEt0fDQ1JpfmE4 Protocol H3 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Sat, 19 Aug 2023 12:40:54 GMT Server MT3 1031 59fd23a master ord ord-pixel-x27 config_version:"1969" Content-Type image/gif Access-Control-Allow-Origin * location https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mvRk4LhWSgCmbJ6c36LXCA&google_push=AXcoOmQT-zzw4eYn6aHVvYBeUhdjhd-xkfXTqx15C7FlOmDaZu8Az2khwkAmmH65PQwYYN6ESyW82tSA-ts-noBIYYEt0fDQ1JpfmE4 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Keep-Alive timeout=360 Content-Length 0 Expires Sat, 19 Aug 2023 12:40:53 GMT
GET H2	204	AdxPixel tr.blismedia.com/v1/api/sync/ Frame 9F3C	0 174 B	38ms 12ms	Image text/plain	34.96.105.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDAq8ivgqm-qgeURVZZXGn4&google_cver=1&google_push=AXcoOmSLXYjhX-xaXudcJQ95JcDLAHfZbcTe80X5ZcEmMJrTl2ByU0gDVVjKQQKXVJ2bnCTAGlRgB5hsBLzVXQ5llvKY5CMe22jqqQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.105.96.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	usersync.aspx dis.criteo.com/dis/ Frame 9F3C	43 B 363 B	40ms 9ms	Image image/gif	74.119.119.150 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSqTbYYSJkCcJl1dQNMr3RKuWRLJENMMGZC8F61CRM7jsX61I1Rp99wj2io-dSlYH8QMuxuY76jboFkm_LIAnUDsoE2pM2O5w&google_gid=CAESELLEeWjNCUMMQ6CvgJ2-SNo&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:53 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 375057 expires Sat, 19 Aug 2023 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9F3C Redirect Chain https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESELDzGjYOES2boxakbW5cqHc&google_cver=1&google_push=AXcoOmSpi0thxqT4J7CsPWMeXD7LdEHYe5wVeT9Zj0MabODLNW78ftAVG-mKOEulYQ6IpWP9fH8LIp5oZfSyw... https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESELDzGjYOES2boxakbW5cqHc&google_push=AXcoOmSpi0thxqT4J7CsPWMeXD7LdEHYe5wVeT9Zj0MabODLNW78ftAVG-mKOEulYQ6IpWP9fH8LIp5oZfSyw... https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSpi0thxqT4J7CsPWMeXD7LdEHYe5wVeT9Zj0MabODLNW78ftAVG-mKOEulYQ6IpWP9fH8LIp5oZfSywjEmC2Qad1mxJpFs0gY&google_hm=X2EzSnJ4Ui1DU1pMa...	170 B 188 B	25ms 22ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSpi0thxqT4J7CsPWMeXD7LdEHYe5wVeT9Zj0MabODLNW78ftAVG-mKOEulYQ6IpWP9fH8LIp5oZfSywjEmC2Qad1mxJpFs0gY&google_hm=X2EzSnJ4Ui1DU1pMaW9haXVKV04= Protocol H3 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Sat, 19 Aug 2023 12:40:54 GMT Content-Type text/html; charset=utf-8 Location https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSpi0thxqT4J7CsPWMeXD7LdEHYe5wVeT9Zj0MabODLNW78ftAVG-mKOEulYQ6IpWP9fH8LIp5oZfSywjEmC2Qad1mxJpFs0gY&google_hm=X2EzSnJ4Ui1DU1pMaW9haXVKV04= P3p CP="We do not support P3P header." Cache-Control no-cache, no-store, must-revalidate Content-Length 239 Expires Thu, 01 Dec 1994 16:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9F3C Redirect Chain https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEPkIVbeGZX9vHlNXqjcpkF4&google_cver=1&google_push=AXcoOmTOA4bJaPcZmu3E7xdywS-tD_BKjfh5H9l0jcFNHrK9_OuU1H6A61Ln-Lii7Nz6DSmeG0H8HRlo... https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEPkIVbeGZX9vHlNXqjcpkF4%26google_cver%3D1%26google_push%3DAXcoOmTOA4bJaPcZmu3E7x... https://rtb2-useast.e-volution.ai/sync?adkuid=A6214146106271799771&exchange=193&google_gid=CAESEPkIVbeGZX9vHlNXqjcpkF4&google_cver=1&google_push=AXcoOmTOA4bJaPcZmu3E7xdywS-tD_BKjfh5H9l0jcFNHrK9_OuU... https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTYyMTQxNDYxMDYyNzE3OTk3NzE&google_push=AXcoOmTOA4bJaPcZmu3E7xdywS-tD_BKjfh5H9l0jcFNHrK9_OuU1H6A61Ln-Lii7Nz6DSmeG0H8HRl...	170 B 188 B	21ms 20ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTYyMTQxNDYxMDYyNzE3OTk3NzE&google_push=AXcoOmTOA4bJaPcZmu3E7xdywS-tD_BKjfh5H9l0jcFNHrK9_OuU1H6A61Ln-Lii7Nz6DSmeG0H8HRlo4Cc6me2larc4WQLd64e25ie6 Protocol H3 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTYyMTQxNDYxMDYyNzE3OTk3NzE&google_push=AXcoOmTOA4bJaPcZmu3E7xdywS-tD_BKjfh5H9l0jcFNHrK9_OuU1H6A61Ln-Lii7Nz6DSmeG0H8HRlo4Cc6me2larc4WQLd64e25ie6 Date Sat, 19 Aug 2023 12:40:54 GMT Server nginx Connection keep-alive Content-Length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9F3C Redirect Chain https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmSNytrnXJmbUjwrgcUeFrchVfnjWF5stkB1EkQPB_NBpCKmWyfP1wBgnJHGrGeppbfJKSWW_KNCmsEpsZyt3M1ud5WCz3EemuTz&google_gid=CAESENvSv8Jws... https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENvSv8Jwsf1PdnKjlTbABus&google_hm=T1BVMjQxNDAyYmVhMzlmNDQ2OThhZmM1MWNmYTUyZWU1MDk&google_nid=opera_norway_as&google_push=AXcoOmSNytrn...	170 B 188 B	21ms 20ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENvSv8Jwsf1PdnKjlTbABus&google_hm=T1BVMjQxNDAyYmVhMzlmNDQ2OThhZmM1MWNmYTUyZWU1MDk&google_nid=opera_norway_as&google_push=AXcoOmSNytrnXJmbUjwrgcUeFrchVfnjWF5stkB1EkQPB_NBpCKmWyfP1wBgnJHGrGeppbfJKSWW_KNCmsEpsZyt3M1ud5WCz3EemuTz Protocol H3 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server Tengine access-control-allow-methods POST, GET content-type text/html; charset=utf-8 access-control-allow-origin * location https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENvSv8Jwsf1PdnKjlTbABus&google_hm=T1BVMjQxNDAyYmVhMzlmNDQ2OThhZmM1MWNmYTUyZWU1MDk&google_nid=opera_norway_as&google_push=AXcoOmSNytrnXJmbUjwrgcUeFrchVfnjWF5stkB1EkQPB_NBpCKmWyfP1wBgnJHGrGeppbfJKSWW_KNCmsEpsZyt3M1ud5WCz3EemuTz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With content-length 328 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 9F3C	0 12 B	21ms 18ms	Image text/html	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I4D6x5NUnv7SULwu2klw0bFRiKpjoXmxzBXZT2Xh6_l8Y1WDrWV6hOabI6vMAZxjT-LmhbZSA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 0843	111 KB 39 KB	47ms 4ms	Script text/javascript	2607:f8b0:4006:81f::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81f::2006 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 11:07:41 GMT content-encoding gzip x-content-type-options nosniff age 5593 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 20 Aug 2023 11:07:41 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/ Frame 0843	11 KB 4 KB	3ms 3ms	Script text/javascript	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Arjd5vfhFiOn0iju48iEVn38OB88zSlRGSP7dID4kAfCvWzyrcDffUbSAkeYxZqQhBdLl79BB04pt34QFpW3ehdich5Q&cry=1&dbm_d=AKAmf-Bn_0eAqhje88eO8ObazD2yWW9XDHlbmL-YsI2krGV-UjAtfrd_ebqx2mAYqJ7gcsUtFzYf9K_6HTzGdyaFTw-o3AJlbF3TkFBEhDVvC7xtbluTVNpLPb1ZCr78093RjBlVmytVR6oRNGpKMppNzOzYJ99p-zC1YZqQdJ4TG1caJ0PZ5b7gjS70fsqeKppipfnVdb2ARetJBrPf6J39GP51dSDYYC7XKbPNNT6reGZoQ8NDc7oSFtfg6X0RtjGO16FjOgHwVYeHNlwUISB5zey1E3ob2Ch8h1Nhb5z66SVruSMBqyBqk7Rar1MzLrzh9mz-BaQXrspNOScGX-8OtV41zNqJJq_0C1PY0NDd8WN240LyVD3oa4kG39V3_Hz5ohLV2LDw8-gG0Wjm_U9JeGI_h8zV126ghp3jaI-g-RfE3vRlsucxyDUv77AnYAv6xdmN5BJLR2Hm3wGl19U5hnGgvsDRnpAoJzZRnaVMlgVdPOVs-ABMj0xGjR2poQTMW9Jjq6x5yFyrj5LOBc39OiMR5FQ0V3C2hF27BsamtbWIIa2BeY6zxf9k3b52kdFe5sh8_B-rpYfXFcO3gPbCYmp0_Msu0RYN6Sf41iyick0ZgNBQr7Ke1klcyx9rLju5eP0FBQAXNZesi-UWfXOPipeK_e3ul--bsJ36As5EcJ4vqN6QoIh76aPajjwmoLSCc_q9hO8FmzxD2YOLrxgOD0n8YWokodmlR56zfnAjpThJ1l2tCnESzRM1DOIjiptLJbnrDjB3lCvMeD96uxM9BAIg6Fke9nawLhZE0F-cJSGpVGbGbwupI-LBZqIoCGBsJ665hA7GjPJLQNvfKkkyaLhtmUgyNnxElJvliBUsjUOLdFC_v36W-UhUmW1jJk7hncu1QuqwXOO-yW-jzzhcOIDcAyXbGjDYG-AGYmNhd9rbL3J8s78erjiwQ67Km_K9MZY_qysoI6ISALQFv0NRZAMJHR_KI1O4JkpWOqOGo_tIjNZ-WuoAu4S63Js5fWTDczGQ8XNMSe5jKBZ3F3zmYB_GxYTTEsqE0lGGvF4KZ43HF2ZfC8gjisQ2CpQADEGKShlnkuy_P7_D2pBe_BTJHxlgMO3GFKlKM_9UoOHGEokanYewbABxA6onuKaBcurHyR8ZAuyS9uJeAy2HH3XKCdbiMcLuzGNEJMf5wYUJdyqzt-AI0JdH4mfI4cCTLMTP1qxDHforxigR08sHLdoVGI55pQQNvfQWacKPNeLbsVvyIAXOXXleQnZPdd_UjdyQkIjub8KdmwuFc97ZSPvGjA-EniONNB_yls1xoOy8qreZIYXBHBZIJY4rJU_EaAw-UROV9WNfEfmlQxelc-CO3A07mMPvWfByD09hs1MJPQXhutf-AfrRonlfocOnX-FQFTLL9SSExaTIuJmFEiewTmXWYg0iBiyHYHv68wFjwY2D-040VczQG23NapJgH7hTckN8hkgsBKc7Yy7Ww7B8UYe-_0TzI7zjjCYpoL8YnSdGwVIFSkZVYFVLG1VCw1Y3NPkrTWHTRnpWbDm5J8X0c4nPC_9fLvrxir9d7jPQN6U6aXccXOMlOifCOAfKGVbLdOvpJL7XuJpfp-YdCRcEQeB94hY9qMlFIx_LdcHUrzLdvWEXC5HqewNP8ctnRsZflOpFaY20-d6IlysdqAMtg55hIVXkdOo2eCoMSvWD25Ma6CtMJOml2NvtRHT98r0qAe5azZZ9f58dWFZ8X62Aea6hBZJfQ_6sedMtq8gR-Mn6TrR4PMUZ2qGikgoLWgaY5KoQVlHbAF0zJpYDXlD0wPrVkSPu9654iVG7fTHT1qJuw039R0aPU8NcTJFm1PCUEiygj0znfWQcQt6pLz7nYDzHJbLTkFIpIVzXP7pR5K3jkVvK70lDJx_YlRRg_X8j07NWjpGy2kxUjrrvr-7WqLiZDWg-Aai5PWRzmZVe2kt0-EQ1tKBNq-pH5E1jYCsetamNOIjp7XiuPeToEG--YhtjkXqm01wkjPIklr7nGIUrZk-XMVswMzg5L09eRnFBzcUOiQ1ZKJvSRUHIq9Y5BoQ_Tz_Na-1-fzLOOd7wGTNcfdQCxXPrC5WvhtkVC3I_2YSp_c16BGDw5DFn6FTYPN2QHEaEAKraqChJWbgzv6R5megcXNT8ArGujPyGgeq4GP1hLBMcshn2jpHZxhoVq1MKxG70zPz5flKy9wa5lp1J44aGVULEwc5OEaMgS4Il8FNY4oX88qE5izUMI0GgmIP7wCNOI7-IuhU1saR2oS7tCTi7C95xCnH1CBfQv-5v8y3kgcETg02lbd3Gby11V6U-LlfVS9_AdAhspQSVnraUsbMUe-wz0uOc7QyxTWCcBKlPCyHn79T_VBXUiJzeBlN6-tXHFOJhilgpkKq_wp3i85QND7NvfnS5KhwTwSK0FkAlAgu-x7BosdfNl0s3jRbdyllDLVej-hvlrPG1wHbdfCkXZZJ3Ok0aerRW3lk0EulPzKMFkdLPINwC5o29RBBJT18gFAa70LR9nlX_aW_F5O1OcrB6bEOnjmBPMSZCtcsd99BdbxtTT1Z4XvfH2Ab1T60CEQXdx1Qte3D_nMmSgRe9PaxGoptqg27KAItyrIJ34sTodkwo6Cc8ooo0mmC0oYxQEIaCjFqpvNj5gqt6u6XNMFE48eUNUiwnI9BdmfMHxIgKysVHHG-JkW5_5FsScG8kwlHlkhYygmAOUPTdGlTXKd0WBxJbephsClJR59e4KNpYUJaKKAnsuFKU64COjC-6cOm_U1FgONiDizmPka9X149yRKYPLcTluQmua2oSoAzN2y_tXhA3FxE9WruBUFrci5zEzPWKiYwx8TJVdhX_Z_LlV43NciRRpEyjdDYCW_fn7ik1mv7ACT3lIxyqfGx5s950SjPFpgw9aLR9SpOi6hqgOGbWZC7faZ-Zs4lPezawSgNo-b5eqaeLQhh-4aTXGJDMbuNzLHItPzR0Fc_-VE5GKhrWCEgvSdQiFh1WU105PCIsgzGtyWdSbNDMwyl8cY9Ir358lzDaqti-SEYU8KE2dZiI8xLb-qUl2vzX3WVwq-1wT2EifYjYmdXdkJ9wFLJVcEBfcAp183Ghg55lVMSZxYag2Z5jKDgellfe5MY5ylO7KxAY-MkgFdvtHnk3aD65gnrpmiNuC3r_aFcc7sOhm87NZQZEH47juVmWBIOWaovLh39YvQEwRWms5i0ICeXckeGyLzzcHGLdk-rAmOS4Yt8zxLJYyJN92bA5BuFQU2VJmaaAd_RVO4FguiC1TeTKXmpruUL16_WaTF55HY7Q_6kHaz29IRcRv-urGhNx53F6qhWw6B9xef5jZ0g49nsMBMuc_8hsPagPbm2DfPKk6ZyT5cuEr4g5D-PXqtl0E3JLfCbBX1pbZtqtV8UNvdqodYCEat5WBZqPzbeIVfG08a80VQqGueR5k6CFOysfWLVXaUjrKZhShDDgQ0p2rxLk709Gauy3_1TKTu9axEGHyNPpsr4nSfwV2JOccYMKDOoeQ_g2oz8ITt5WN-geMoB4n86f1Kxgf_i3f4bqqLo&cid=CAQSPABpAlJWgVciTlpYYNEeDLTNyhjyL5jkVcEK4bczk-o6MCXoa78zMX7RjQ8AWxmUXoldomY9vibZYUC-CxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fs.yam.com%2F&ds=l&xdt=1&iif=1&cor=9768475925974686000&adk=521587874&idt=39&cac=0&dtd=60 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 06:22:01 GMT content-encoding br x-content-type-options nosniff age 22733 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4196 x-xss-protection 0 server cafe etag 15907914729094346842 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 02 Sep 2023 06:22:01 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 0843	30 KB 11 KB	4ms 3ms	Script text/javascript	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Arjd5vfhFiOn0iju48iEVn38OB88zSlRGSP7dID4kAfCvWzyrcDffUbSAkeYxZqQhBdLl79BB04pt34QFpW3ehdich5Q&cry=1&dbm_d=AKAmf-Bn_0eAqhje88eO8ObazD2yWW9XDHlbmL-YsI2krGV-UjAtfrd_ebqx2mAYqJ7gcsUtFzYf9K_6HTzGdyaFTw-o3AJlbF3TkFBEhDVvC7xtbluTVNpLPb1ZCr78093RjBlVmytVR6oRNGpKMppNzOzYJ99p-zC1YZqQdJ4TG1caJ0PZ5b7gjS70fsqeKppipfnVdb2ARetJBrPf6J39GP51dSDYYC7XKbPNNT6reGZoQ8NDc7oSFtfg6X0RtjGO16FjOgHwVYeHNlwUISB5zey1E3ob2Ch8h1Nhb5z66SVruSMBqyBqk7Rar1MzLrzh9mz-BaQXrspNOScGX-8OtV41zNqJJq_0C1PY0NDd8WN240LyVD3oa4kG39V3_Hz5ohLV2LDw8-gG0Wjm_U9JeGI_h8zV126ghp3jaI-g-RfE3vRlsucxyDUv77AnYAv6xdmN5BJLR2Hm3wGl19U5hnGgvsDRnpAoJzZRnaVMlgVdPOVs-ABMj0xGjR2poQTMW9Jjq6x5yFyrj5LOBc39OiMR5FQ0V3C2hF27BsamtbWIIa2BeY6zxf9k3b52kdFe5sh8_B-rpYfXFcO3gPbCYmp0_Msu0RYN6Sf41iyick0ZgNBQr7Ke1klcyx9rLju5eP0FBQAXNZesi-UWfXOPipeK_e3ul--bsJ36As5EcJ4vqN6QoIh76aPajjwmoLSCc_q9hO8FmzxD2YOLrxgOD0n8YWokodmlR56zfnAjpThJ1l2tCnESzRM1DOIjiptLJbnrDjB3lCvMeD96uxM9BAIg6Fke9nawLhZE0F-cJSGpVGbGbwupI-LBZqIoCGBsJ665hA7GjPJLQNvfKkkyaLhtmUgyNnxElJvliBUsjUOLdFC_v36W-UhUmW1jJk7hncu1QuqwXOO-yW-jzzhcOIDcAyXbGjDYG-AGYmNhd9rbL3J8s78erjiwQ67Km_K9MZY_qysoI6ISALQFv0NRZAMJHR_KI1O4JkpWOqOGo_tIjNZ-WuoAu4S63Js5fWTDczGQ8XNMSe5jKBZ3F3zmYB_GxYTTEsqE0lGGvF4KZ43HF2ZfC8gjisQ2CpQADEGKShlnkuy_P7_D2pBe_BTJHxlgMO3GFKlKM_9UoOHGEokanYewbABxA6onuKaBcurHyR8ZAuyS9uJeAy2HH3XKCdbiMcLuzGNEJMf5wYUJdyqzt-AI0JdH4mfI4cCTLMTP1qxDHforxigR08sHLdoVGI55pQQNvfQWacKPNeLbsVvyIAXOXXleQnZPdd_UjdyQkIjub8KdmwuFc97ZSPvGjA-EniONNB_yls1xoOy8qreZIYXBHBZIJY4rJU_EaAw-UROV9WNfEfmlQxelc-CO3A07mMPvWfByD09hs1MJPQXhutf-AfrRonlfocOnX-FQFTLL9SSExaTIuJmFEiewTmXWYg0iBiyHYHv68wFjwY2D-040VczQG23NapJgH7hTckN8hkgsBKc7Yy7Ww7B8UYe-_0TzI7zjjCYpoL8YnSdGwVIFSkZVYFVLG1VCw1Y3NPkrTWHTRnpWbDm5J8X0c4nPC_9fLvrxir9d7jPQN6U6aXccXOMlOifCOAfKGVbLdOvpJL7XuJpfp-YdCRcEQeB94hY9qMlFIx_LdcHUrzLdvWEXC5HqewNP8ctnRsZflOpFaY20-d6IlysdqAMtg55hIVXkdOo2eCoMSvWD25Ma6CtMJOml2NvtRHT98r0qAe5azZZ9f58dWFZ8X62Aea6hBZJfQ_6sedMtq8gR-Mn6TrR4PMUZ2qGikgoLWgaY5KoQVlHbAF0zJpYDXlD0wPrVkSPu9654iVG7fTHT1qJuw039R0aPU8NcTJFm1PCUEiygj0znfWQcQt6pLz7nYDzHJbLTkFIpIVzXP7pR5K3jkVvK70lDJx_YlRRg_X8j07NWjpGy2kxUjrrvr-7WqLiZDWg-Aai5PWRzmZVe2kt0-EQ1tKBNq-pH5E1jYCsetamNOIjp7XiuPeToEG--YhtjkXqm01wkjPIklr7nGIUrZk-XMVswMzg5L09eRnFBzcUOiQ1ZKJvSRUHIq9Y5BoQ_Tz_Na-1-fzLOOd7wGTNcfdQCxXPrC5WvhtkVC3I_2YSp_c16BGDw5DFn6FTYPN2QHEaEAKraqChJWbgzv6R5megcXNT8ArGujPyGgeq4GP1hLBMcshn2jpHZxhoVq1MKxG70zPz5flKy9wa5lp1J44aGVULEwc5OEaMgS4Il8FNY4oX88qE5izUMI0GgmIP7wCNOI7-IuhU1saR2oS7tCTi7C95xCnH1CBfQv-5v8y3kgcETg02lbd3Gby11V6U-LlfVS9_AdAhspQSVnraUsbMUe-wz0uOc7QyxTWCcBKlPCyHn79T_VBXUiJzeBlN6-tXHFOJhilgpkKq_wp3i85QND7NvfnS5KhwTwSK0FkAlAgu-x7BosdfNl0s3jRbdyllDLVej-hvlrPG1wHbdfCkXZZJ3Ok0aerRW3lk0EulPzKMFkdLPINwC5o29RBBJT18gFAa70LR9nlX_aW_F5O1OcrB6bEOnjmBPMSZCtcsd99BdbxtTT1Z4XvfH2Ab1T60CEQXdx1Qte3D_nMmSgRe9PaxGoptqg27KAItyrIJ34sTodkwo6Cc8ooo0mmC0oYxQEIaCjFqpvNj5gqt6u6XNMFE48eUNUiwnI9BdmfMHxIgKysVHHG-JkW5_5FsScG8kwlHlkhYygmAOUPTdGlTXKd0WBxJbephsClJR59e4KNpYUJaKKAnsuFKU64COjC-6cOm_U1FgONiDizmPka9X149yRKYPLcTluQmua2oSoAzN2y_tXhA3FxE9WruBUFrci5zEzPWKiYwx8TJVdhX_Z_LlV43NciRRpEyjdDYCW_fn7ik1mv7ACT3lIxyqfGx5s950SjPFpgw9aLR9SpOi6hqgOGbWZC7faZ-Zs4lPezawSgNo-b5eqaeLQhh-4aTXGJDMbuNzLHItPzR0Fc_-VE5GKhrWCEgvSdQiFh1WU105PCIsgzGtyWdSbNDMwyl8cY9Ir358lzDaqti-SEYU8KE2dZiI8xLb-qUl2vzX3WVwq-1wT2EifYjYmdXdkJ9wFLJVcEBfcAp183Ghg55lVMSZxYag2Z5jKDgellfe5MY5ylO7KxAY-MkgFdvtHnk3aD65gnrpmiNuC3r_aFcc7sOhm87NZQZEH47juVmWBIOWaovLh39YvQEwRWms5i0ICeXckeGyLzzcHGLdk-rAmOS4Yt8zxLJYyJN92bA5BuFQU2VJmaaAd_RVO4FguiC1TeTKXmpruUL16_WaTF55HY7Q_6kHaz29IRcRv-urGhNx53F6qhWw6B9xef5jZ0g49nsMBMuc_8hsPagPbm2DfPKk6ZyT5cuEr4g5D-PXqtl0E3JLfCbBX1pbZtqtV8UNvdqodYCEat5WBZqPzbeIVfG08a80VQqGueR5k6CFOysfWLVXaUjrKZhShDDgQ0p2rxLk709Gauy3_1TKTu9axEGHyNPpsr4nSfwV2JOccYMKDOoeQ_g2oz8ITt5WN-geMoB4n86f1Kxgf_i3f4bqqLo&cid=CAQSPABpAlJWgVciTlpYYNEeDLTNyhjyL5jkVcEK4bczk-o6MCXoa78zMX7RjQ8AWxmUXoldomY9vibZYUC-CxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fs.yam.com%2F&ds=l&xdt=1&iif=1&cor=9768475925974686000&adk=521587874&idt=39&cac=0&dtd=60 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Fri, 18 Aug 2023 14:23:32 GMT content-encoding br x-content-type-options nosniff age 80242 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11536 x-xss-protection 0 server cafe etag 2200807439755941123 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Sep 2023 14:23:32 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 0843	41 KB 13 KB	5ms 5ms	Script text/javascript	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Wed, 16 Aug 2023 11:07:41 GMT content-encoding br x-content-type-options nosniff age 264793 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13692 x-xss-protection 0 last-modified Sun, 25 Jun 2023 02:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 15 Aug 2024 11:07:41 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 906E	1 KB 643 B	6ms 3ms	Document text/html	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 24103 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 19 Aug 2023 05:59:11 GMT etag 48472445140208031 expires Sun, 20 Aug 2023 05:59:11 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 0843	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f9e5ce98e7e9dfc10964f60fc21ed4ca566b43b879ad029635e9ee47b4f47c77 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Content-Type image/png
POST H2	200	all csm.us.criteo.net/ Frame 04D3	0 127 B	40ms 9ms	Ping text/plain	2620:100:a001::16 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://csm.us.criteo.net/all?cppv=3&cpp=VnmvB6g7teU57uXXYr1-BtY8E6hp5Kur5GDczC7LMSWhn4cgUFr-clpHH3DGSmfVJTSQ7eDN-8VW1CcShy_rrH-WAzfKmR277WfXcA-AziIuAnlTJ2cnguC78FoYuxYUXGv5wwi8uycu_3S8aQuGUZerNNGWAVEIto0DlSxpKUdK6f_vbErkLxmf45J94o_7LWOmt4FsFbDMBO2fb2C6iVeS9n-VcSs0oHv_UtyhygnGEp0voUUlwbKQ_WjW2m5_p1HoHQ&sds=2&rev=88037&sendBeacon=true Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvoH48mnAA_-PAwiZKL2VLE1ywDnzw&u=%7Ca3dRsPaP2ssFS8nkdHYFZ3qZOw%2BWi5kVMJO8PNxXpXE%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqLJd9E94f8kcqnExVPrgtPvGvPB6oqWxE1KKMEZRXBuBEgcnjn6HdpoN59hHMR0bu70FqWWZbvSXj7PizcnZl9pbR3G302CXEz_bItt8NzDtPBZTcwwtlLRsfOHGNb2bf57Cqk0WJgyaIhPzmbVu61Im5mtgz-99eawBS8tXvrDf8rUUWCoFApwf2IeTtXsssJgPzRC60QHPN2sIkbo4nUB9L9mKeM8tvo2QP1hwwX8EOttyR84uokShDMBFJbbxjCGDfFbwO3_vb7oFw6TuXiRObPvZKK_4PUXzdPUdgPJTtTRmh-gIdfXUe6zNYLNN4kLps2s6YBu8r85SdEiewPgz5AXHvAeK9LGceHtD2rAplkdwuL_oRaK4do4IwF2gDdXJms4tVlly2GUtxQF0eWEgxaQsW-R8v9VNtUYKTf1Ob4UWoJASIsEA6eMwjzo1agx2sQAquOHKQWtAulyJsl-rUsuE3KgxeFPF0Qz8J2L2pTY1xyQDW3lxsDHOq9UPRnopfXZAkUAVL4W1mtdjyO4DLPF5M4UggN4rwpJvNDfkAJy5_5D0QYY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFvfOVLjgZPr9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9DDdvuxSGd5TycJV83J5jh1N-mle01KWYAVYtMaA8w5QzbyWi_C6RH1dLnWe1tAfNoD8EZWWnBt_lYFN1uW3n7C39G2B5srwqgB0LDVTSXj9QrNUKWqnfCJ1o80YMbOaPCxcz6sGmF7VhDOrprGg9nb8BAQCNL778UDSMN70QInmchm2F3DAEKTwYI7fHW7qPzoeypNaGgOC19_7_dKoC_3K6uMCPWEEVW5cweRExPvY6gSXYAG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Mpve7n35fHy7Q1AmYAvXU0HN8PA%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.us.criteo.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sat, 19 Aug 2023 12:40:53 GMT strict-transport-security max-age=31536000; preload; cross-origin-resource-policy cross-origin server Finatra content-length 0
GET H2	200	criteo_logo_2021.svg static.criteo.net/flash/icon/ Frame 04D3	2 KB 1 KB	11ms 11ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/criteo_logo_2021.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvoH48mnAA_-PAwiZKL2VLE1ywDnzw&u=%7Ca3dRsPaP2ssFS8nkdHYFZ3qZOw%2BWi5kVMJO8PNxXpXE%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqLJd9E94f8kcqnExVPrgtPvGvPB6oqWxE1KKMEZRXBuBEgcnjn6HdpoN59hHMR0bu70FqWWZbvSXj7PizcnZl9pbR3G302CXEz_bItt8NzDtPBZTcwwtlLRsfOHGNb2bf57Cqk0WJgyaIhPzmbVu61Im5mtgz-99eawBS8tXvrDf8rUUWCoFApwf2IeTtXsssJgPzRC60QHPN2sIkbo4nUB9L9mKeM8tvo2QP1hwwX8EOttyR84uokShDMBFJbbxjCGDfFbwO3_vb7oFw6TuXiRObPvZKK_4PUXzdPUdgPJTtTRmh-gIdfXUe6zNYLNN4kLps2s6YBu8r85SdEiewPgz5AXHvAeK9LGceHtD2rAplkdwuL_oRaK4do4IwF2gDdXJms4tVlly2GUtxQF0eWEgxaQsW-R8v9VNtUYKTf1Ob4UWoJASIsEA6eMwjzo1agx2sQAquOHKQWtAulyJsl-rUsuE3KgxeFPF0Qz8J2L2pTY1xyQDW3lxsDHOq9UPRnopfXZAkUAVL4W1mtdjyO4DLPF5M4UggN4rwpJvNDfkAJy5_5D0QYY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFvfOVLjgZPr9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9DDdvuxSGd5TycJV83J5jh1N-mle01KWYAVYtMaA8w5QzbyWi_C6RH1dLnWe1tAfNoD8EZWWnBt_lYFN1uW3n7C39G2B5srwqgB0LDVTSXj9QrNUKWqnfCJ1o80YMbOaPCxcz6sGmF7VhDOrprGg9nb8BAQCNL778UDSMN70QInmchm2F3DAEKTwYI7fHW7qPzoeypNaGgOC19_7_dKoC_3K6uMCPWEEVW5cweRExPvY6gSXYAG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Mpve7n35fHy7Q1AmYAvXU0HN8PA%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 27 May 2021 13:21:59 GMT server nginx cross-origin-embedder-policy require-corp etag W/"60af9cf7-891" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 13 Aug 2024 12:40:54 GMT
GET H2	200	privacy.svg static.criteo.net/flash/icon/ Frame 04D3	2 KB 1 KB	9ms 8ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvoH48mnAA_-PAwiZKL2VLE1ywDnzw&u=%7Ca3dRsPaP2ssFS8nkdHYFZ3qZOw%2BWi5kVMJO8PNxXpXE%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqLJd9E94f8kcqnExVPrgtPvGvPB6oqWxE1KKMEZRXBuBEgcnjn6HdpoN59hHMR0bu70FqWWZbvSXj7PizcnZl9pbR3G302CXEz_bItt8NzDtPBZTcwwtlLRsfOHGNb2bf57Cqk0WJgyaIhPzmbVu61Im5mtgz-99eawBS8tXvrDf8rUUWCoFApwf2IeTtXsssJgPzRC60QHPN2sIkbo4nUB9L9mKeM8tvo2QP1hwwX8EOttyR84uokShDMBFJbbxjCGDfFbwO3_vb7oFw6TuXiRObPvZKK_4PUXzdPUdgPJTtTRmh-gIdfXUe6zNYLNN4kLps2s6YBu8r85SdEiewPgz5AXHvAeK9LGceHtD2rAplkdwuL_oRaK4do4IwF2gDdXJms4tVlly2GUtxQF0eWEgxaQsW-R8v9VNtUYKTf1Ob4UWoJASIsEA6eMwjzo1agx2sQAquOHKQWtAulyJsl-rUsuE3KgxeFPF0Qz8J2L2pTY1xyQDW3lxsDHOq9UPRnopfXZAkUAVL4W1mtdjyO4DLPF5M4UggN4rwpJvNDfkAJy5_5D0QYY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFvfOVLjgZPr9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9DDdvuxSGd5TycJV83J5jh1N-mle01KWYAVYtMaA8w5QzbyWi_C6RH1dLnWe1tAfNoD8EZWWnBt_lYFN1uW3n7C39G2B5srwqgB0LDVTSXj9QrNUKWqnfCJ1o80YMbOaPCxcz6sGmF7VhDOrprGg9nb8BAQCNL778UDSMN70QInmchm2F3DAEKTwYI7fHW7qPzoeypNaGgOC19_7_dKoC_3K6uMCPWEEVW5cweRExPvY6gSXYAG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Mpve7n35fHy7Q1AmYAvXU0HN8PA%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Wed, 19 Feb 2020 10:57:21 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e4d1491-646" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 13 Aug 2024 12:40:54 GMT
POST H2	200	all csm.us.criteo.net/ Frame B83D	0 128 B	27ms 9ms	Ping text/plain	2620:100:a001::16 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://csm.us.criteo.net/all?cppv=3&cpp=U2lwCag7teU57uXXRPmKxG6dFfDUARNtEH6lRM_XMkGfk-cSjaD7avWCOsbPPJJv6PtLwCsurx0su_orjGFplmdGAv9UYao9PpyYEUlJGOhlarrOwIcH_HHi_Ky-kDZE39p6B2xioDKsqfIWhTyTxT6tQTDe5CEeERho9e6tM7DANGcei4JbheopQWFwjSGxAclIIquSQAD-MGT5VT-HzHE7H_E_y5HoqGzXNsw2Wt0ic6wmgbgs_uogq_jVDwBmkUNSkBPWLcxnPdKZ&sds=2&rev=88037&sendBeacon=true Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvkH48mnAA_-PMV6b9lvVfTzSm-6kg&u=%7Ca3dRsPaP2svghmiyfXn1y4v6pEjnMzT9sKClgigrSGM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqGKpRLPcuLoyrTHbcxv70yxPdda9qhhGlWkqPeotSZj9FhrlrPMThpAW0z11VdubUNGnwTfP8LJw1EkOGic-iP5J1znBJgROtS1gRdNfXUNvB8LbZqQD38NeIFJMso651UArBd1T1FpXM5wRCjh1L2APSxB20KMOJQhyl6sW7yNZexI1KDGd3NHp1e-FBZWbdB7CE025SX2LitKENoa7Rx0lfblHgCagxR02hr2dqs-q3I2uc8-fqVkR5L4Kbhxj6ADM14pnwW52YOUzHfU5H6WQJj9torG7lH0Z8U8VNmRXKVpKFxa1MnIEDCxKCLaKyi64KpitdtlJNWRW_vUfSwyUsdxzpJDnIMuq4WkUpZxkuqY3XYBwCN3Y_iAgBDXJM8G4PZND-SFT8sMZGi8RkRsgsw6By0O5g44pnMC2EkIFH5iUyykm_68W2DD9O2N-BQ_lBqRbAc8j8AKPovjwWRk5dw6LimmDwnsGcj15JfuESSeLDs9iSHXc3N0uK8Qg7gv59x9f1BgnbDsxo4cCvP0XLQ0AcElRkoKa7a4MQl_w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEjdIVLjgZPn9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9AG0oOCvayUGoDo931BlKE7U6UW1j2oTR0cMVIVrwEJMtcu9TDPtCvd6PqlFakG5DUlRKF4HYRNPOmD0YqJv1HzCMU5yR2vPSk5wPio2P1zh3iJpFGCahdzj69_DRdpN1sp-a6XbGzaDJrWswOgUk_i_GPXnHLW-MNunGJd-FEugPMZ-QNnIqjFwZRytmbLLIKIfKOOZfwuH8Q4oWklqlHOH9ktoT69FHZ6CqEXfZYOfbVQV4AG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0aqCaG-RQxLGdjmn5wGAE4ghXQgw%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.us.criteo.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sat, 19 Aug 2023 12:40:53 GMT strict-transport-security max-age=31536000; preload; cross-origin-resource-policy cross-origin server Finatra content-length 0
GET H2	200	criteo_logo_2021.svg static.criteo.net/flash/icon/ Frame B83D	2 KB 1 KB	10ms 9ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/criteo_logo_2021.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvkH48mnAA_-PMV6b9lvVfTzSm-6kg&u=%7Ca3dRsPaP2svghmiyfXn1y4v6pEjnMzT9sKClgigrSGM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqGKpRLPcuLoyrTHbcxv70yxPdda9qhhGlWkqPeotSZj9FhrlrPMThpAW0z11VdubUNGnwTfP8LJw1EkOGic-iP5J1znBJgROtS1gRdNfXUNvB8LbZqQD38NeIFJMso651UArBd1T1FpXM5wRCjh1L2APSxB20KMOJQhyl6sW7yNZexI1KDGd3NHp1e-FBZWbdB7CE025SX2LitKENoa7Rx0lfblHgCagxR02hr2dqs-q3I2uc8-fqVkR5L4Kbhxj6ADM14pnwW52YOUzHfU5H6WQJj9torG7lH0Z8U8VNmRXKVpKFxa1MnIEDCxKCLaKyi64KpitdtlJNWRW_vUfSwyUsdxzpJDnIMuq4WkUpZxkuqY3XYBwCN3Y_iAgBDXJM8G4PZND-SFT8sMZGi8RkRsgsw6By0O5g44pnMC2EkIFH5iUyykm_68W2DD9O2N-BQ_lBqRbAc8j8AKPovjwWRk5dw6LimmDwnsGcj15JfuESSeLDs9iSHXc3N0uK8Qg7gv59x9f1BgnbDsxo4cCvP0XLQ0AcElRkoKa7a4MQl_w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEjdIVLjgZPn9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9AG0oOCvayUGoDo931BlKE7U6UW1j2oTR0cMVIVrwEJMtcu9TDPtCvd6PqlFakG5DUlRKF4HYRNPOmD0YqJv1HzCMU5yR2vPSk5wPio2P1zh3iJpFGCahdzj69_DRdpN1sp-a6XbGzaDJrWswOgUk_i_GPXnHLW-MNunGJd-FEugPMZ-QNnIqjFwZRytmbLLIKIfKOOZfwuH8Q4oWklqlHOH9ktoT69FHZ6CqEXfZYOfbVQV4AG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0aqCaG-RQxLGdjmn5wGAE4ghXQgw%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 27 May 2021 13:21:59 GMT server nginx cross-origin-embedder-policy require-corp etag W/"60af9cf7-891" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 13 Aug 2024 12:40:54 GMT
GET H2	200	privacy.svg static.criteo.net/flash/icon/ Frame B83D	2 KB 1 KB	11ms 11ms	Image image/svg+xml	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvkH48mnAA_-PMV6b9lvVfTzSm-6kg&u=%7Ca3dRsPaP2svghmiyfXn1y4v6pEjnMzT9sKClgigrSGM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqGKpRLPcuLoyrTHbcxv70yxPdda9qhhGlWkqPeotSZj9FhrlrPMThpAW0z11VdubUNGnwTfP8LJw1EkOGic-iP5J1znBJgROtS1gRdNfXUNvB8LbZqQD38NeIFJMso651UArBd1T1FpXM5wRCjh1L2APSxB20KMOJQhyl6sW7yNZexI1KDGd3NHp1e-FBZWbdB7CE025SX2LitKENoa7Rx0lfblHgCagxR02hr2dqs-q3I2uc8-fqVkR5L4Kbhxj6ADM14pnwW52YOUzHfU5H6WQJj9torG7lH0Z8U8VNmRXKVpKFxa1MnIEDCxKCLaKyi64KpitdtlJNWRW_vUfSwyUsdxzpJDnIMuq4WkUpZxkuqY3XYBwCN3Y_iAgBDXJM8G4PZND-SFT8sMZGi8RkRsgsw6By0O5g44pnMC2EkIFH5iUyykm_68W2DD9O2N-BQ_lBqRbAc8j8AKPovjwWRk5dw6LimmDwnsGcj15JfuESSeLDs9iSHXc3N0uK8Qg7gv59x9f1BgnbDsxo4cCvP0XLQ0AcElRkoKa7a4MQl_w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEjdIVLjgZPn9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9AG0oOCvayUGoDo931BlKE7U6UW1j2oTR0cMVIVrwEJMtcu9TDPtCvd6PqlFakG5DUlRKF4HYRNPOmD0YqJv1HzCMU5yR2vPSk5wPio2P1zh3iJpFGCahdzj69_DRdpN1sp-a6XbGzaDJrWswOgUk_i_GPXnHLW-MNunGJd-FEugPMZ-QNnIqjFwZRytmbLLIKIfKOOZfwuH8Q4oWklqlHOH9ktoT69FHZ6CqEXfZYOfbVQV4AG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0aqCaG-RQxLGdjmn5wGAE4ghXQgw%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Wed, 19 Feb 2020 10:57:21 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e4d1491-646" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 13 Aug 2024 12:40:54 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 742D Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	29ms 28ms	Document text/html	2607:f8b0:4006:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 19 Aug 2023 12:40:54 GMT expires Sat, 19 Aug 2023 12:40:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 19 Aug 2023 12:40:54 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response pagead2.googlesyndication.com/bg/ Frame ACC8	37 KB 14 KB	11ms 4ms	Script text/javascript	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 15 Aug 2023 21:15:24 GMT content-encoding br x-content-type-options nosniff age 314730 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14754 x-xss-protection 0 last-modified Mon, 14 Aug 2023 12:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 14 Aug 2024 21:15:24 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 42B3	0 0	65ms 62ms	Image text/html	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230816&jk=3310095204787598&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers
GET H3	200	pixel cm.g.doubleclick.net/ Frame 906E Redirect Chain https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECjWpZKd0VFAK9_3L2G7GBk&google_cver=1&google_push=AXcoOmR74uIWNdBaLWiwCjGoL6X47sUdemf7w7UEiaJUIMoxcprJBjGPTx... https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmR74uIWNdBaLWiwCjGoL6X47sUdemf7w7UEiaJUIMoxcprJBjGPTxwDDHTjGZz-6_tmWaJBxogUg90PlAARaOT03GUClQ24nfQ&google_hm=HPN...	170 B 188 B	45ms 44ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmR74uIWNdBaLWiwCjGoL6X47sUdemf7w7UEiaJUIMoxcprJBjGPTxwDDHTjGZz-6_tmWaJBxogUg90PlAARaOT03GUClQ24nfQ&google_hm=HPNkUjm0ybvIyfKZykyYhw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmR74uIWNdBaLWiwCjGoL6X47sUdemf7w7UEiaJUIMoxcprJBjGPTxwDDHTjGZz-6_tmWaJBxogUg90PlAARaOT03GUClQ24nfQ&google_hm=HPNkUjm0ybvIyfKZykyYhw pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT cache-control private, no-cache, no-store, proxy-revalidate strict-transport-security max-age=86400 content-length 0 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 906E Redirect Chain https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKkDkxUP9GSRYMLtrcpV8XM&google_cver=1&google_push=AXcoOmSgt6mInsE4PVqb5UzfGlHek4uVPMA7b-1JEAy2bu7VSVpPfUN... https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=54e5be322e04161a&is_secure=true&networkId=14000&version=1&google_gid=CAESEKkDkxUP9GSRYMLtrcpV8XM&google_cver=1&google_push=AXcoOmSgt6mI... https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACAnVdsuf22QMwaFJOAAAAAAA&expiration=1692535254&google_cver=1&is_secure=true&google_gid=CAESEKkDkxUP9GSRYMLtrcpV8...	170 B 188 B	21ms 21ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACAnVdsuf22QMwaFJOAAAAAAA&expiration=1692535254&google_cver=1&is_secure=true&google_gid=CAESEKkDkxUP9GSRYMLtrcpV8XM&google_push=AXcoOmSgt6mInsE4PVqb5UzfGlHek4uVPMA7b-1JEAy2bu7VSVpPfUNcLBRl5gTX9TsfA7PPIKbtFXbThIdFGXcttvx73kYScgU-lw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server nginx p3p policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP" location https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACAnVdsuf22QMwaFJOAAAAAAA&expiration=1692535254&google_cver=1&is_secure=true&google_gid=CAESEKkDkxUP9GSRYMLtrcpV8XM&google_push=AXcoOmSgt6mInsE4PVqb5UzfGlHek4uVPMA7b-1JEAy2bu7VSVpPfUNcLBRl5gTX9TsfA7PPIKbtFXbThIdFGXcttvx73kYScgU-lw cache-control no-cache, private, max-age=0, no-store content-length 0 expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 906E Redirect Chain https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECLkx2FjTvcr6tFwnajJ_aU&google_cve... https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECLkx2FjTvcr6tFwnajJ_aU&goog... https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cnU3bHlFazUxUXhsZ2E1&google_gid=CAESECLkx2FjTvcr6tFwnajJ_aU&google_cver=1&google_push=AXcoOmR_oCUb-MN4x-u4MJSkzWfRn3DbbqEUB-vJgXM-Mgw...	170 B 188 B	23ms 22ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cnU3bHlFazUxUXhsZ2E1&google_gid=CAESECLkx2FjTvcr6tFwnajJ_aU&google_cver=1&google_push=AXcoOmR_oCUb-MN4x-u4MJSkzWfRn3DbbqEUB-vJgXM-Mgw32PVf4Py3llZ40byLgvsd170ma8pSeh1cG-7CwSe74WBWlFN1-pYL1_w Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Sat, 19 Aug 2023 12:40:53 GMT Strict-Transport-Security max-age=2592000; includeSubDomains Server PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0da94c7f55bec3b76@us-east-1b@dxedge-app-us-east-1-prod-asg Location https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cnU3bHlFazUxUXhsZ2E1&google_gid=CAESECLkx2FjTvcr6tFwnajJ_aU&google_cver=1&google_push=AXcoOmR_oCUb-MN4x-u4MJSkzWfRn3DbbqEUB-vJgXM-Mgw32PVf4Py3llZ40byLgvsd170ma8pSeh1cG-7CwSe74WBWlFN1-pYL1_w Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 906E Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECAlt1s8wyV85ZQp7bONjHI&google_cver=1&google_push=AXcoOmR0dfZtF7blzVJq_va2duHlPXgvulbT9a4SVieFcoh3jJHGo-qEtVzpQSqJyay_-BlC6eewOW1RYHhlBAXU... https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mvRk4LhWSgCmbJ6c36LXCA&google_push=AXcoOmR0dfZtF7blzVJq_va2duHlPXgvulbT9a4SVieFcoh3jJHGo-qEtVzpQSqJyay_-BlC6eewOW1RYHhlBAXUpWCVt-Vr...	170 B 188 B	48ms 47ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mvRk4LhWSgCmbJ6c36LXCA&google_push=AXcoOmR0dfZtF7blzVJq_va2duHlPXgvulbT9a4SVieFcoh3jJHGo-qEtVzpQSqJyay_-BlC6eewOW1RYHhlBAXUpWCVt-VrkiqbVaE Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Sat, 19 Aug 2023 12:40:54 GMT Server MT3 1031 59fd23a master ord ord-pixel-x15 config_version:"1969" Content-Type image/gif Access-Control-Allow-Origin * location https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=mvRk4LhWSgCmbJ6c36LXCA&google_push=AXcoOmR0dfZtF7blzVJq_va2duHlPXgvulbT9a4SVieFcoh3jJHGo-qEtVzpQSqJyay_-BlC6eewOW1RYHhlBAXUpWCVt-VrkiqbVaE P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Keep-Alive timeout=360 Content-Length 0 Expires Sat, 19 Aug 2023 12:40:53 GMT
GET H/1.1	200 200	asr aid.send.microad.jp/g/ Frame 906E	43 B 641 B	603ms 198ms	Image image/gif	202.233.84.1 MICROAD MicroAd
General Check archive.org Show headers Download Go to Show image Full URL https://aid.send.microad.jp/g/asr?google_gid=CAESEGZXlvNwToPSWN0c3rKPHt8&google_cver=1&google_push=AXcoOmSetSWc30kFbxCcxQrnwNhV-8CpQID-1VfAk472IkelhXWfwORuKHhBMljZnBhS065p29v65IVaVPjh7qDryQKhloFw9zfHtA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value Strict-Transport-Security max-age=3600 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Sat, 19 Aug 2023 12:40:54 GMT Strict-Transport-Security max-age=3600 Server Apache P3P policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE" Access-Control-Allow-Origin * Content-Type image/gif Connection close Access-Control-Allow-Headers origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control Content-Length 43
GET H2	200	usersync.aspx dis.criteo.com/dis/ Frame 906E	43 B 362 B	11ms 9ms	Image image/gif	74.119.119.150 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQIIJ6Fw_CeFnVsqGk05nYQaJrXl_3yy-H3UpwYQCDiStLFZI4hM8WecqOupc8K7_--HMp6j_2ivfi-b037ykDE0LgSChD6Hu0&google_gid=CAESELLEeWjNCUMMQ6CvgJ2-SNo&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:53 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 187031 expires Sat, 19 Aug 2023 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 906E Redirect Chain https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESECvhmInjNP9IOAel2-RP6wo&google_cver=1&google_push=AXcoOmSsfS1MAJo8t0A3HlwDQe2AxRiFItraMj21P8_8e6_Wbt6ZZi4vudsssLunabSRm-PTDqge... https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=EB9odjhuSleAhhwFWWbKxg==&no_redirect=1&google_push=AXcoOmSsfS1MAJo8t0A3HlwDQe2AxRiFItraMj21P8_8e6_Wbt6ZZi...	170 B 188 B	47ms 46ms	Image image/png	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=EB9odjhuSleAhhwFWWbKxg==&no_redirect=1&google_push=AXcoOmSsfS1MAJo8t0A3HlwDQe2AxRiFItraMj21P8_8e6_Wbt6ZZi4vudsssLunabSRm-PTDqgeevBq2DRVVArFzS3DN60SgXsZ6Zi0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location //cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=EB9odjhuSleAhhwFWWbKxg==&no_redirect=1&google_push=AXcoOmSsfS1MAJo8t0A3HlwDQe2AxRiFItraMj21P8_8e6_Wbt6ZZi4vudsssLunabSRm-PTDqgeevBq2DRVVArFzS3DN60SgXsZ6Zi0 date Sat, 19 Aug 2023 12:40:54 GMT cache-control no-cache, no-store, must-revalidate via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 906E	0 12 B	20ms 19ms	Image text/html	142.250.176.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JCFnMqs844r_4OUEC6sej03DYeKnTRrdaBzVHwnF8IZZrvxbKRkZHbcyomZ-GylS7g4JRqvA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response pagead2.googlesyndication.com/bg/ Frame 7D9C	37 KB 14 KB	4ms 4ms	Script text/javascript	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 15 Aug 2023 21:15:24 GMT content-encoding br x-content-type-options nosniff age 314730 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14754 x-xss-protection 0 last-modified Mon, 14 Aug 2023 12:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 14 Aug 2024 21:15:24 GMT
GET H2	200	95f88fc626f1432fa432382e4bfd47db_tradegothiclt-bold.woff static.criteo.net/design/dt/ Frame 04D3	25 KB 26 KB	36ms 16ms	Font application/octet-stream	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/design/dt/95f88fc626f1432fa432382e4bfd47db_tradegothiclt-bold.woff Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvoH48mnAA_-PAwiZKL2VLE1ywDnzw&u=%7Ca3dRsPaP2ssFS8nkdHYFZ3qZOw%2BWi5kVMJO8PNxXpXE%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqLJd9E94f8kcqnExVPrgtPvGvPB6oqWxE1KKMEZRXBuBEgcnjn6HdpoN59hHMR0bu70FqWWZbvSXj7PizcnZl9pbR3G302CXEz_bItt8NzDtPBZTcwwtlLRsfOHGNb2bf57Cqk0WJgyaIhPzmbVu61Im5mtgz-99eawBS8tXvrDf8rUUWCoFApwf2IeTtXsssJgPzRC60QHPN2sIkbo4nUB9L9mKeM8tvo2QP1hwwX8EOttyR84uokShDMBFJbbxjCGDfFbwO3_vb7oFw6TuXiRObPvZKK_4PUXzdPUdgPJTtTRmh-gIdfXUe6zNYLNN4kLps2s6YBu8r85SdEiewPgz5AXHvAeK9LGceHtD2rAplkdwuL_oRaK4do4IwF2gDdXJms4tVlly2GUtxQF0eWEgxaQsW-R8v9VNtUYKTf1Ob4UWoJASIsEA6eMwjzo1agx2sQAquOHKQWtAulyJsl-rUsuE3KgxeFPF0Qz8J2L2pTY1xyQDW3lxsDHOq9UPRnopfXZAkUAVL4W1mtdjyO4DLPF5M4UggN4rwpJvNDfkAJy5_5D0QYY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFvfOVLjgZPr9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9DDdvuxSGd5TycJV83J5jh1N-mle01KWYAVYtMaA8w5QzbyWi_C6RH1dLnWe1tAfNoD8EZWWnBt_lYFN1uW3n7C39G2B5srwqgB0LDVTSXj9QrNUKWqnfCJ1o80YMbOaPCxcz6sGmF7VhDOrprGg9nb8BAQCNL778UDSMN70QInmchm2F3DAEKTwYI7fHW7qPzoeypNaGgOC19_7_dKoC_3K6uMCPWEEVW5cweRExPvY6gSXYAG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Mpve7n35fHy7Q1AmYAvXU0HN8PA%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 71fec08136db4f39744016e39725613faa040db5da9f01cbcdf3b1ef6e5000d1 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.us.criteo.com/ Origin https://ads.us.criteo.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Fri, 05 Feb 2021 21:58:27 GMT server nginx cross-origin-embedder-policy require-corp etag W/"601dbf83-65e8" content-type text/plain; charset=UTF-8 access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 13 Aug 2024 12:40:54 GMT
GET H2	200	95f88fc626f1432fa432382e4bfd47db_tradegothiclt-bold.woff static.criteo.net/design/dt/ Frame B83D	25 KB 26 KB	40ms 21ms	Font application/octet-stream	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/design/dt/95f88fc626f1432fa432382e4bfd47db_tradegothiclt-bold.woff Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZOC4VAAMvvkH48mnAA_-PMV6b9lvVfTzSm-6kg&u=%7Ca3dRsPaP2svghmiyfXn1y4v6pEjnMzT9sKClgigrSGM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexE-QghxjbYkDekCyKsiJ9EK1PXmbX3ziumIet5tQOfcGMubIrz0yJbwDL6Uk9WiUzeQ93Q7LUvyqGKpRLPcuLoyrTHbcxv70yxPdda9qhhGlWkqPeotSZj9FhrlrPMThpAW0z11VdubUNGnwTfP8LJw1EkOGic-iP5J1znBJgROtS1gRdNfXUNvB8LbZqQD38NeIFJMso651UArBd1T1FpXM5wRCjh1L2APSxB20KMOJQhyl6sW7yNZexI1KDGd3NHp1e-FBZWbdB7CE025SX2LitKENoa7Rx0lfblHgCagxR02hr2dqs-q3I2uc8-fqVkR5L4Kbhxj6ADM14pnwW52YOUzHfU5H6WQJj9torG7lH0Z8U8VNmRXKVpKFxa1MnIEDCxKCLaKyi64KpitdtlJNWRW_vUfSwyUsdxzpJDnIMuq4WkUpZxkuqY3XYBwCN3Y_iAgBDXJM8G4PZND-SFT8sMZGi8RkRsgsw6By0O5g44pnMC2EkIFH5iUyykm_68W2DD9O2N-BQ_lBqRbAc8j8AKPovjwWRk5dw6LimmDwnsGcj15JfuESSeLDs9iSHXc3N0uK8Qg7gv59x9f1BgnbDsxo4cCvP0XLQ0AcElRkoKa7a4MQl_w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEjdIVLjgZPn9MqeTj-8PvPy_yAmcge-wXIqilqS0AcCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTI2NzUwMzcyOTY4NTM5NjjIAQmoAwHIAwKqBLUBT9AG0oOCvayUGoDo931BlKE7U6UW1j2oTR0cMVIVrwEJMtcu9TDPtCvd6PqlFakG5DUlRKF4HYRNPOmD0YqJv1HzCMU5yR2vPSk5wPio2P1zh3iJpFGCahdzj69_DRdpN1sp-a6XbGzaDJrWswOgUk_i_GPXnHLW-MNunGJd-FEugPMZ-QNnIqjFwZRytmbLLIKIfKOOZfwuH8Q4oWklqlHOH9ktoT69FHZ6CqEXfZYOfbVQV4AG5JK9rKPWh8uEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0aqCaG-RQxLGdjmn5wGAE4ghXQgw%26client%3Dca-pub-2675037296853968%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 71fec08136db4f39744016e39725613faa040db5da9f01cbcdf3b1ef6e5000d1 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.us.criteo.com/ Origin https://ads.us.criteo.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Fri, 05 Feb 2021 21:58:27 GMT server nginx cross-origin-embedder-policy require-corp etag W/"601dbf83-65e8" content-type text/plain; charset=UTF-8 access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 13 Aug 2024 12:40:54 GMT
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/7896425576088820268/ Frame D465	8 KB 3 KB	19ms 4ms	Document text/html	2607:f8b0:4006:81f::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/7896425576088820268/index.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81f::2006 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 087fabd428e8abef3a918fdb5ceea359c9ee9ba84027ac96247104355b1a5916 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 270765 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 2709 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Wed, 16 Aug 2023 09:28:09 GMT expires Thu, 15 Aug 2024 09:28:09 GMT last-modified Thu, 04 Nov 2021 17:45:19 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 0843	0 0	62ms 30ms	Fetch image/gif	142.250.81.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLbN7T-OgDOBsfuFuZTCXQ78otMM4Mu5wFqehLKGsBSVO3IbVFVPHCB86hwkosuStVJz1mMFnwjgJiKHEzNkyyycrMvqPl9SMsKCowNHZMsGyhVGJb48d_mbE5CmVZu-QLn5VduTeM_QN9qcBzVrg7v4gXznv5PRKOL0AhHATgrRMsFnienFE4SiV_jA4-2Rqtx1eZ3XOEPaUju9Zh5p11q_F4d4UdKhum-ujTEsPXI6XzH5PGODzQcOrnYwMm_fGZ8CK8BNmrWPFYOE_8O8UB2UDhby9Oag--kH7zmxG19c6W_oS_YxHHP1WTEGP-9sO15ouHrecBTlNWzZWP3KRey89pIfF4IThQhps093723-QOyBaprVfwJUWlpldLhlBK7glKYkHUiS9ef0YSVlTwGvYFib-0YlkULLjwNBS6BNr1nILTH65nooFlH74f1Q55Zt6ZCoZVU00jM8GKUk01Qb0mU2UbtRqYEAYYv46NhNdLCboqNGwu08LRMTFuuLSf0wx3VhBRUdU7d8T9PjUi6Mpt5LG-jzGx3djlngOb3WwMn9fMSNQjXA5U8Pwuc4k6b41rvKcxP0FRs9p0pLw8XaySmR8J_iN_XEhp2xZiCCzagxPGFzTGMaCNI_gfycX3TvcVzWI4c6F1tq79gTj_g-vKqUDrg--IvMMhjQ6XKQ74dhUPtTuX4UQQ7idBdF7RMfYevPYY25BKarUhiRLMyo9B_rrrUAT75LHOTSEgWXh9I-X16HQgJN4ILiOGOUua0pgwLlVMrUXIOfuGXtUMdSYgvE-e7QPA-XdYZLr1x-ju-DSxWhHpK0U1ahHiEk9_axU3hy1jcF_XAp7IhioAzweNi-vNuM26DIDKdAOB5xpjxt4snb1YbbypdGnOC5MBpuNf3eOB-dGdXU3J15fjRpvAl1bSzwoI06OEOcOcNRMmff14VaKl2BHvy0FLgCXB-WuS06WO10Qz0y7MtwoC8UiasrrYKf0VeZXP7MDWhTd4DWHhRm4BOo5rCwJKmJFUg-sj56adP40yG-nya8MMEdcwxSo0JaHf9CyEqhqMdaxQ74P-gyRIwgW56WpcpPDTzfqY7SWt_Kf3TwXVyzXaHDUyljzgGn35AYmfzfHFPQvf20NPsotuaHokX3h8lML4yyK0V9WJrHV_C5zjpru0S_dSSzmzKVmRuHZcnHp-VqoOgNMk6AOLsfGA58Mc3xZUGWWSiYOtJxvwRRzA6Sp33xF-fpaBIbGFGXuAu8xcpkfDvMGN42afk0BYg6ljj70jmZfcforEed6V0DjIqr5qjWblqmmsoVsv3K6ziXWzWZ2L9CkAJSKw8LOuLzKseBktnXDfWgjNv1jn&sai=AMfl-YRhq6bWYyTpvAXF1IEC5Ew4bgYoGLCMeP9zIXl1d1oANj5WENKqdJu55xCVFv21in2pR0Hi56VsWgHAMGDeeysFB3zKArrNcwplZMOzeYbLXvxEE-s8He2xGerzsaeL_Sy2MXpDqE8QJqNg4mOohQVPlkLbI--olnuTwOFxO0ozhUL6XbTXxG-eTvTZv9IVAvvYNl4SJSRYA-6DyK9_VmOYZviNASU0rKsmXxfULvhtAhmv3EttsbxYaGgckFgOtvefh_F6F1-Xk4DKDEaRzrTFwndgb9k&sig=Cg0ArKJSzKWtUA8VG2exEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=147&cbvp=1&cstd=143&cisv=r20230816.18196&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.81.226 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s74-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sat, 19 Aug 2023 12:40:54 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * cache-control private access-control-allow-credentials true timing-allow-origin * expires Sat, 19 Aug 2023 12:40:54 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame E538	22 KB 8 KB	35ms 14ms	Document text/html	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 264793 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 16 Aug 2023 11:07:41 GMT expires Thu, 15 Aug 2024 11:07:41 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	banner_728x90.min.css client.bannerspace.net/111329/ Frame D465	5 KB 2 KB	262ms 171ms	Stylesheet text/css	2600:1400:d:589::21cf AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://client.bannerspace.net/111329/banner_728x90.min.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7896425576088820268/index.html?ev=01_250 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:589::21cf New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash a190cb3fef1caa9719df1f801819c167affaa42afced9b6e394dca454732c2d8 Security Headers Name Value Strict-Transport-Security max-age=31622400 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31622400 content-encoding gzip x-content-type-options nosniff date Sat, 19 Aug 2023 12:40:54 GMT last-modified Thu, 03 Aug 2023 14:45:36 GMT server Apache vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control no-transform, max-age=1800 accept-ranges bytes content-length 1394 expires Sat, 19 Aug 2023 13:10:54 GMT
GET H2	200	royal_dutch_airlines.svg client.bannerspace.net/111329/ Frame D465	6 KB 2 KB	261ms 170ms	Image image/svg+xml	2600:1400:d:589::21cf AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://client.bannerspace.net/111329/royal_dutch_airlines.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7896425576088820268/index.html?ev=01_250 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:589::21cf New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash 09c17debd5eada55da5b146aa4ed88e227ed981ae9e8e05da411489002268a74 Security Headers Name Value Strict-Transport-Security max-age=31622400 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31622400 content-encoding gzip x-content-type-options nosniff date Sat, 19 Aug 2023 12:40:54 GMT last-modified Thu, 03 Aug 2023 14:45:27 GMT server Apache vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control no-transform, max-age=1800 accept-ranges bytes content-length 1846 expires Sat, 19 Aug 2023 13:10:54 GMT
GET H2	200	winglogo.svg client.bannerspace.net/111329/ Frame D465	5 KB 2 KB	91ms 91ms	Image image/svg+xml	2600:1400:d:589::21cf AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://client.bannerspace.net/111329/winglogo.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7896425576088820268/index.html?ev=01_250 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:589::21cf New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash fb43d06b4066924809b6d9054f4d4fd646298e057dbe0a0ec6286700ac09cd48 Security Headers Name Value Strict-Transport-Security max-age=31622400 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31622400 content-encoding gzip x-content-type-options nosniff date Sat, 19 Aug 2023 12:40:55 GMT last-modified Thu, 03 Aug 2023 14:45:27 GMT server Apache vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control no-transform, max-age=1800 accept-ranges bytes content-length 1891 expires Sat, 19 Aug 2023 13:10:55 GMT
GET H2	200	TimelineLite.min.js Show response cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame D465	12 KB 4 KB	12ms 11ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TimelineLite.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7896425576088820268/index.html?ev=01_250 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74e018b7e6c3b5cc0e0cc790f256033b97b3783c5853529bc6101b6a7ed23159 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 3123091 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 3706 last-modified Mon, 04 May 2020 16:10:25 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e71-3026" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipmaQEKm%2FCYAY7%2F3Bho8OSIWrNfw0nKKdSq%2FF6%2F3ZmBPNjNnWmN%2BRUaCPcTUrAvPnEgz5wp4g2T375B3ZiWAlOrfJ89zzw%2FumrowAOXnP%2BlcW%2FZzQZl3jnoM%2B0rT6YwrlmdCu1TmlLSlJG9B000%2BFP8O"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7f9277be0c038c7d-EWR expires Thu, 08 Aug 2024 12:40:54 GMT
GET H2	200	TweenLite.min.js Show response cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame D465	26 KB 9 KB	15ms 15ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7896425576088820268/index.html?ev=01_250 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 5571811 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 8578 last-modified Mon, 04 May 2020 16:10:25 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e71-697f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0WG%2BrZgd4pJRSqk%2BHFT%2Bzr55Uj8s%2BYcGET%2FJOvFMrpp9N2JNMfiJqeq7CYu8AW0F2Yg1uqxyKYUkojcxxQdmCmKyN7azc2tJK4maq7G5%2B5KD2gsu9oAiRwI%2BUVDQPJ2gZOoZFSacn2X9t0U5dQmLZt9"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7f9277be1c088c7d-EWR expires Thu, 08 Aug 2024 12:40:54 GMT
GET H3	200	CSSPlugin.min.js Show response cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame D465	38 KB 14 KB	13ms 12ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7896425576088820268/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 967841 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 13668 last-modified Thu, 22 Jun 2023 11:03:34 GMT server cloudflare cf-cdnjs-via cfworker/r2 etag "64942a86-3564" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcYDsMi8TU4pf8SJFYUfYQ6zsoCJIs6qHwtrkQRtvVpcUnc%2BkROY3X%2FosIdQxOYc30WkLozI0e5s%2BvqySZNDBkwKfeEGqOBtN8rnMOtwa8TlmAq7gqto4y9XzAmywP%2F0karrKU%2Fe8gv34ShuKbDGpm74"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7f9277bf6ee842d7-EWR expires Thu, 08 Aug 2024 12:40:54 GMT
GET H3	200	EasePack.min.js Show response cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame D465	5 KB 2 KB	17ms 16ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7896425576088820268/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 97769 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1730 last-modified Thu, 22 Jun 2023 11:03:34 GMT server cloudflare cf-cdnjs-via cfworker/r2 etag "64942a86-6c2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bB1mEXKh0%2BPGMPHSltjDNY4eeWZtC%2BrzrfMDVBvjpj9b8ECRK0phSAi8im2Er%2F5NMEVAxxBmXeMuknvSIB2NWUkpSJ8ZMLNRuLbN%2Fxg0nKKJA%2FDjyYoXKTsaSIXk8iYggxfuE4h2I%2B3Zpp%2FZsYa9VtBN"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7f9277bf6eea42d7-EWR expires Thu, 08 Aug 2024 12:40:54 GMT
GET H3	200	-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response pagead2.googlesyndication.com/bg/ Frame E538	37 KB 14 KB	4ms 4ms	Script text/javascript	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Tue, 15 Aug 2023 21:15:24 GMT content-encoding br x-content-type-options nosniff age 314730 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14754 x-xss-protection 0 last-modified Mon, 14 Aug 2023 12:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 14 Aug 2024 21:15:24 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 7D9C	0 10 B	4ms 3ms	Image text/plain	2607:f8b0:4006:81e::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?czvFGg Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:54 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	ctaarrow.svg client.bannerspace.net/111329/ Frame D465	274 B 426 B	92ms 92ms	Image image/svg+xml	2600:1400:d:589::21cf AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://client.bannerspace.net/111329/ctaarrow.svg Requested by Host: client.bannerspace.net URL: https://client.bannerspace.net/111329/banner_728x90.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:589::21cf New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash 99163961fd831f483e9837c9ce73d878cdbff470c6cc606cd919cd86c683a8ef Security Headers Name Value Strict-Transport-Security max-age=31622400 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://client.bannerspace.net/111329/banner_728x90.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31622400 content-encoding gzip x-content-type-options nosniff date Sat, 19 Aug 2023 12:40:55 GMT last-modified Thu, 03 Aug 2023 14:45:27 GMT server Apache vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control no-transform, max-age=1800 accept-ranges bytes content-length 210 expires Sat, 19 Aug 2023 13:10:55 GMT
GET H2	200	NoaLTStd-Regular.woff client.bannerspace.net/111329/ Frame D465	23 KB 23 KB	118ms 104ms	Font font/woff	2600:1400:d:589::21cf AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://client.bannerspace.net/111329/NoaLTStd-Regular.woff Requested by Host: client.bannerspace.net URL: https://client.bannerspace.net/111329/banner_728x90.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:589::21cf New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash c36d7baf0ca32ebdb9f04499a2e27b7110d0c486397412b53b98c1f0dc1d10fe Security Headers Name Value Strict-Transport-Security max-age=31622400 X-Content-Type-Options nosniff Request headers Referer https://client.bannerspace.net/111329/banner_728x90.min.css Origin https://s0.2mdn.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31622400 date Sat, 19 Aug 2023 12:40:55 GMT x-content-type-options nosniff last-modified Thu, 03 Aug 2023 14:45:27 GMT server Apache content-type font/woff access-control-allow-origin * cache-control no-transform, max-age=1800 accept-ranges bytes content-length 23664 expires Sat, 19 Aug 2023 13:10:55 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame E538	0 20 B	22ms 21ms	Image image/gif	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjH8ZVbjgZJ2IOo6DoPMPmJeL-AkAAAAAOAHgBAI&bg=!ICOlI3fNAAZGPLJIZjw7ADkAdvg8WlDCOqKA7mNggNrfeOYvps2oG5FeShQJUlEXvyxln4VME4jHCgVQMFxDDVvlSUKPPYsC1pUCAAABjVIAAAALaAEHmQMWpksD97Gc9ouzqHdnuOaXSIcHCTNeg6eJnsOXQ0eSTuRD_lcsmXaNWxbt23JOEm6OKmMALqHD9UySy_JsUbCAPPy41QQk3rCYqt8wFrxYfgOdm8TOQY1DAwu6y1G9pTom1hVY-0-KI1eRKculrLtGAKratH7zHXL-UPUi8X5kaxMnNjUrzFadItSmzrHC4NKyPGcrSGO6QAgM6anIXSzt4hNgJmZfrE2mlJ530MYnJGRG1cyrKdYDprJxmgWOmR3BmW-S9azM1jpMMZAGZPURKIQvjxVO9dTPv25_NvPB9mvUmNi9HFXW8InjQ95CY-FvqH2PFO74voGo_A3omzc1_aLFdG5CagAewGi3Fat-U_5nJLSyHpINPPFVKLOA2CXp3RtNUMdVbsamciWb02nxIkefCM7AgGXMCkQBp2tf4_VJnsmt_rsQ-CfnHybVB3i-eyEVGi64Udy4uMlXklbj45Gw29AAVDUmeB54In2wmVfFNy4E0L4_AZ5VC_5OelVSkEuBtsc6tsQBEGk-beVEc3q3mMSZl9G-yxY8Qs9f4v8oW9JC8RXjtLaDW6ruavy03WUyLGzmUuYGhL_DdISKW3-7h3sj2WHFbEUN9vQJroOQEVgCVrQg6N9Ly-9v0pPXsGNgTNZ6L88U7a971B9YbaPjFeits113RXc6mKIRWiSTz2JzOdEpLZ60gPtZNFhDQ3kcIIHMUD_CFXbdplNAbhG8M3ujkP6KYnEXoaouv74hBrvzkmFKal8pXFVNJqqSeEM1RKVK_Dvsclgdg0bk_1xgedahYwUAQJ4zKPGFV96g1hWuoRBp-x5AwMVaZlbemrUtFEQbI7hP75i1V2kOhyQ-hBwqCbGpk-qP8_hJSa3KmJVAjofVOKXFrEmSyBGPU1HWF-viFgiAhP1C0W98KlK8nKhD3wJ1fgCJpT9qmS2XhODrrkWVrYYYMX-eBsumGK_xEI0jrQpQ9QD8jxw_wMria5xya95hdIvO4QRfto3jCJpPqvj1iM1WzM6qy-V1e1HC5eYvKsswKh2pAi8gzs5Ydx4qbQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:55 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	feed.xml Show response client.bannerspace.net/113164/ Frame D465	2 KB 744 B	92ms 92ms	XHR application/xml	2600:1400:d:589::21cf AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://client.bannerspace.net/113164/feed.xml?preventCache=0.6748822619172017 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7896425576088820268/index.html?ev=01_250 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:589::21cf New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash 3bc001ef63e007ca54898c7644347d3c7398838e5d14bd298442e5046ffc6b36 Security Headers Name Value Strict-Transport-Security max-age=31622400 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31622400 content-encoding gzip x-content-type-options nosniff date Sat, 19 Aug 2023 12:40:55 GMT last-modified Fri, 18 Aug 2023 18:05:10 GMT server Apache vary Accept-Encoding content-type application/xml access-control-allow-origin * cache-control no-transform, max-age=300 accept-ranges bytes content-length 528 expires Sat, 19 Aug 2023 12:45:55 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 0843	0 0	23ms 21ms	Fetch image/gif	142.250.81.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLbN7T-OgDOBsfuFuZTCXQ78otMM4Mu5wFqehLKGsBSVO3IbVFVPHCB86hwkosuStVJz1mMFnwjgJiKHEzNkyyycrMvqPl9SMsKCowNHZMsGyhVGJb48d_mbE5CmVZu-QLn5VduTeM_QN9qcBzVrg7v4gXznv5PRKOL0AhHATgrRMsFnienFE4SiV_jA4-2Rqtx1eZ3XOEPaUju9Zh5p11q_F4d4UdKhum-ujTEsPXI6XzH5PGODzQcOrnYwMm_fGZ8CK8BNmrWPFYOE_8O8UB2UDhby9Oag--kH7zmxG19c6W_oS_YxHHP1WTEGP-9sO15ouHrecBTlNWzZWP3KRey89pIfF4IThQhps093723-QOyBaprVfwJUWlpldLhlBK7glKYkHUiS9ef0YSVlTwGvYFib-0YlkULLjwNBS6BNr1nILTH65nooFlH74f1Q55Zt6ZCoZVU00jM8GKUk01Qb0mU2UbtRqYEAYYv46NhNdLCboqNGwu08LRMTFuuLSf0wx3VhBRUdU7d8T9PjUi6Mpt5LG-jzGx3djlngOb3WwMn9fMSNQjXA5U8Pwuc4k6b41rvKcxP0FRs9p0pLw8XaySmR8J_iN_XEhp2xZiCCzagxPGFzTGMaCNI_gfycX3TvcVzWI4c6F1tq79gTj_g-vKqUDrg--IvMMhjQ6XKQ74dhUPtTuX4UQQ7idBdF7RMfYevPYY25BKarUhiRLMyo9B_rrrUAT75LHOTSEgWXh9I-X16HQgJN4ILiOGOUua0pgwLlVMrUXIOfuGXtUMdSYgvE-e7QPA-XdYZLr1x-ju-DSxWhHpK0U1ahHiEk9_axU3hy1jcF_XAp7IhioAzweNi-vNuM26DIDKdAOB5xpjxt4snb1YbbypdGnOC5MBpuNf3eOB-dGdXU3J15fjRpvAl1bSzwoI06OEOcOcNRMmff14VaKl2BHvy0FLgCXB-WuS06WO10Qz0y7MtwoC8UiasrrYKf0VeZXP7MDWhTd4DWHhRm4BOo5rCwJKmJFUg-sj56adP40yG-nya8MMEdcwxSo0JaHf9CyEqhqMdaxQ74P-gyRIwgW56WpcpPDTzfqY7SWt_Kf3TwXVyzXaHDUyljzgGn35AYmfzfHFPQvf20NPsotuaHokX3h8lML4yyK0V9WJrHV_C5zjpru0S_dSSzmzKVmRuHZcnHp-VqoOgNMk6AOLsfGA58Mc3xZUGWWSiYOtJxvwRRzA6Sp33xF-fpaBIbGFGXuAu8xcpkfDvMGN42afk0BYg6ljj70jmZfcforEed6V0DjIqr5qjWblqmmsoVsv3K6ziXWzWZ2L9CkAJSKw8LOuLzKseBktnXDfWgjNv1jn&sai=AMfl-YRhq6bWYyTpvAXF1IEC5Ew4bgYoGLCMeP9zIXl1d1oANj5WENKqdJu55xCVFv21in2pR0Hi56VsWgHAMGDeeysFB3zKArrNcwplZMOzeYbLXvxEE-s8He2xGerzsaeL_Sy2MXpDqE8QJqNg4mOohQVPlkLbI--olnuTwOFxO0ozhUL6XbTXxG-eTvTZv9IVAvvYNl4SJSRYA-6DyK9_VmOYZviNASU0rKsmXxfULvhtAhmv3EttsbxYaGgckFgOtvefh_F6F1-Xk4DKDEaRzrTFwndgb9k&sig=Cg0ArKJSzKWtUA8VG2exEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=900&vt=11&dtpt=753&dett=3&cstd=143&cisv=r20230816.18196&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: s.yam.com URL: https://s.yam.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.81.226 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s74-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Sat, 19 Aug 2023 12:40:55 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sat, 19 Aug 2023 12:40:55 GMT
GET H2	200	engine.min.js Show response client.bannerspace.net/111329/ Frame D465	11 KB 3 KB	96ms 96ms	Script application/javascript	2600:1400:d:589::21cf AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://client.bannerspace.net/111329/engine.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/7896425576088820268/index.html?ev=01_250 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:589::21cf New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash 5efd5c070968ae7f3020be206ac993036ee7cbc6fab47e799ad4d9e9a86155f9 Security Headers Name Value Strict-Transport-Security max-age=31622400 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31622400 content-encoding gzip x-content-type-options nosniff date Sat, 19 Aug 2023 12:40:55 GMT last-modified Thu, 03 Aug 2023 14:45:27 GMT server Apache vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control no-transform, max-age=1800 accept-ranges bytes content-length 2988 expires Sat, 19 Aug 2023 13:10:55 GMT
GET H2	200	NoaLTStd-Light.woff client.bannerspace.net/111329/ Frame D465	23 KB 24 KB	95ms 94ms	Font font/woff	2600:1400:d:589::21cf AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://client.bannerspace.net/111329/NoaLTStd-Light.woff Requested by Host: client.bannerspace.net URL: https://client.bannerspace.net/111329/banner_728x90.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:589::21cf New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash 7f7d0faa4fd64ad50d60bf04c073f660a012ee6bc551a2cda239ec5048218ea8 Security Headers Name Value Strict-Transport-Security max-age=31622400 X-Content-Type-Options nosniff Request headers Referer https://client.bannerspace.net/111329/banner_728x90.min.css Origin https://s0.2mdn.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31622400 date Sat, 19 Aug 2023 12:40:55 GMT x-content-type-options nosniff last-modified Thu, 03 Aug 2023 14:45:27 GMT server Apache content-type font/woff access-control-allow-origin * cache-control no-transform, max-age=1800 accept-ranges bytes content-length 23972 expires Sat, 19 Aug 2023 13:10:55 GMT
GET H2	200	728x90_std_Inspiration.jpg client.bannerspace.net/111329/ Frame D465	50 KB 50 KB	116ms 114ms	Image image/jpeg	2600:1400:d:589::21cf AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://client.bannerspace.net/111329/728x90_std_Inspiration.jpg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:589::21cf New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash 98ec376a437d562f3805b9bb734e8da6a822a2a3c621cf2a91ef62d57a383f78 Security Headers Name Value Strict-Transport-Security max-age=31622400 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31622400 date Sat, 19 Aug 2023 12:40:55 GMT x-content-type-options nosniff last-modified Thu, 03 Aug 2023 14:45:36 GMT server Apache content-type image/jpeg access-control-allow-origin * cache-control no-transform, max-age=1800 accept-ranges bytes content-length 51007 expires Sat, 19 Aug 2023 13:10:55 GMT
GET H2	200	royal_dutch_airlines.svg client.bannerspace.net/111329/ Frame D465	6 KB 2 KB	34ms 32ms	Image image/svg+xml	2600:1400:d:589::21cf AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://client.bannerspace.net/111329/royal_dutch_airlines.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:589::21cf New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash 09c17debd5eada55da5b146aa4ed88e227ed981ae9e8e05da411489002268a74 Security Headers Name Value Strict-Transport-Security max-age=31622400 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31622400 content-encoding gzip x-content-type-options nosniff date Sat, 19 Aug 2023 12:40:55 GMT last-modified Thu, 03 Aug 2023 14:45:27 GMT server Apache vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control no-transform, max-age=1800 accept-ranges bytes content-length 1846 expires Sat, 19 Aug 2023 13:10:55 GMT
GET H2	200	winglogo.svg client.bannerspace.net/111329/ Frame D465	5 KB 2 KB	35ms 34ms	Image image/svg+xml	2600:1400:d:589::21cf AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://client.bannerspace.net/111329/winglogo.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:589::21cf New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash fb43d06b4066924809b6d9054f4d4fd646298e057dbe0a0ec6286700ac09cd48 Security Headers Name Value Strict-Transport-Security max-age=31622400 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31622400 content-encoding gzip x-content-type-options nosniff date Sat, 19 Aug 2023 12:40:55 GMT last-modified Thu, 03 Aug 2023 14:45:27 GMT server Apache vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control no-transform, max-age=1800 accept-ranges bytes content-length 1891 expires Sat, 19 Aug 2023 13:10:55 GMT
GET H2	200	728x90_std_AMS.jpg client.bannerspace.net/111329/ Frame D465	33 KB 33 KB	946ms 945ms	Image image/jpeg	2600:1400:d:589::21cf AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://client.bannerspace.net/111329/728x90_std_AMS.jpg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:589::21cf New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash 8df91932b0c5cab534f768ecdf126b0ca45cd7320c864a9724c765a06b835e40 Security Headers Name Value Strict-Transport-Security max-age=31622400 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31622400 date Sat, 19 Aug 2023 12:40:56 GMT x-content-type-options nosniff last-modified Thu, 03 Aug 2023 14:45:34 GMT server Apache content-type image/jpeg access-control-allow-origin * cache-control no-transform, max-age=1800 accept-ranges bytes content-length 33827 expires Sat, 19 Aug 2023 13:10:56 GMT
GET H2	200	728x90_std_BCN.jpg client.bannerspace.net/111329/ Frame D465	27 KB 27 KB	760ms 759ms	Image image/jpeg	2600:1400:d:589::21cf AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://client.bannerspace.net/111329/728x90_std_BCN.jpg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:589::21cf New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash 3da1158954296eb3769aa2540710cf60adb2b63073034241bce623bc8c912a48 Security Headers Name Value Strict-Transport-Security max-age=31622400 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31622400 date Sat, 19 Aug 2023 12:40:56 GMT x-content-type-options nosniff last-modified Thu, 03 Aug 2023 14:45:34 GMT server Apache content-type image/jpeg access-control-allow-origin * cache-control no-transform, max-age=1800 accept-ranges bytes content-length 27649 expires Sat, 19 Aug 2023 13:10:56 GMT
GET H2	200	728x90_std_NBO.jpg client.bannerspace.net/111329/ Frame D465	17 KB 17 KB	811ms 810ms	Image image/jpeg	2600:1400:d:589::21cf AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://client.bannerspace.net/111329/728x90_std_NBO.jpg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:589::21cf New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash d79a92ab813823b522d4e9983cfa3432ccad841dad0eb282eeec7025afa964a7 Security Headers Name Value Strict-Transport-Security max-age=31622400 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers strict-transport-security max-age=31622400 date Sat, 19 Aug 2023 12:40:56 GMT x-content-type-options nosniff last-modified Thu, 03 Aug 2023 14:45:35 GMT server Apache content-type image/jpeg access-control-allow-origin * cache-control no-transform, max-age=1800 accept-ranges bytes content-length 17710 expires Sat, 19 Aug 2023 13:10:56 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	68ms 67ms	Image text/html	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230816&jk=3310095204787598&bg=!Dg2lDVnNAAZGPLJIZjw7ADkAdvg8WgjNAR-kubFdTXlLiD_VzCwbPGWkvffppi6kK6gGjcQyCS6gniuAklFzgdJl9C4kIqVoA7kCAAABuFIAAAAUaAEHmQK9oTWR3AVioXB01BLhHyMAMKuF3IpuyBMs0kidQcxKhojpQXqWBzxTpqpiNrrXh-dlq0M2-_2WXXuL_FZq7qWZbpl6HAOTJ4BAQOI1Pz84xkboCfDXb7Ry9IzyQ8p_Zj3EUYfkJrQwiJgwsw7WvnzeWt9-P6Apn5aSaTj6QZrMnA2AbpRcXiCbEHEdPCwzt9Yl8FtRy4WaQkGS1_V-Yhf9vtLagP1Tl6T9SAAn53Jri1GBhoomV30p72DHU3OXq9QR9phel7ZUa63CNA2CqdD-H7X9ozlx202br48wF8RDGviE5mGxyMKyjQ4JW_NMGtarJyqFx__10S-l6kHto2KNmPQ7ckz2I5jVChrOgGu0IeYhyynW0IZ3YWsI4LpFuVuF2jZqcvn4EN8h4YCegeCg72V-J33j1FEsvmtobqgmEfy6LdZSaevBekvzjw-Ww3s21FST7If_360ZBBrcWmVj2maF3lXuCohJWGTIRbXZEjmhfhj2PhqeBAK2Y0g9B8zVd3rIgvDCB1yIZho0gJYtt8-m8bXPPLGX6YmczS0l5l67UaHUmJyn9Ma5zD184-TrmNUHk6kfx_4LikTbV_v-vfF6shH64JnD_5kyaxbtTTVUmAHWw5KvYDZbWWX-tlXRAyjZ6CDTY5b7COvNMtOV17iZlr--Z3OL2hpcELIRDJA3-HhabbpI7LranQ4Tc2DL-G_hoz91UNxejO4pCXw7h-dxzH3bjYVw8d_6XiXUdbGUl65g2xvbm3fSkFl8phCCxVb-uwxbYI_6lPlGv9ebVDGxKmKwa2ntDJmLXJoOM0RU7t3L141E_phGHUg0FOtwKXxTVg3sBQ53NqOxbZsAK3Auz2-i4pnW0nvSiIgFdOilI89XiFkzHIRn5OSJiJxspb2C1n-OUYi9hYSu3XjtT38J6eDVsHCYw85GfkI Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://s.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 0843	42 B 64 B	29ms 28ms	Fetch image/gif	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssleBnCgO-VJ4td0eupqoYaucsjmlB9uVkocSMClUjdiS5yUy0f_BxvU7YAnTVgOvSDEH8nBB_bkRNel452tUg_LwHyNNLNEtXQtNSyzTBzSTyUFof43satqwuAHnI_VXzplOJKeQw3fQ&sai=AMfl-YR6eBd0YYFyKqLaIfOE35woWm5xTL5sRZHg3gZmXKFO1uHPOdVSvs8b_E7GHIBO0vKNsTsz51PNCfCaHSxG2tmnOmCiTNLZYzDfn3LkQ_YyvChQEnzOmkHctD-O&sig=Cg0ArKJSzGH5g_Qt_I3eEAE&cid=CAQSPABpAlJWgVciTlpYYNEeDLTNyhjyL5jkVcEK4bczk-o6MCXoa78zMX7RjQ8AWxmUXoldomY9vibZYUC-CxgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=946,1000,1000,1000,1000&tos=946,54,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692448853696&rpt=811&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:55 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0843	0 20 B	19ms 19ms	Ping image/gif	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1526345530483&version=m202307240101&ct=76&x=1&cor=9768475925974686000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers pragma no-cache date Sat, 19 Aug 2023 12:40:56 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

hanalytics.eu

URL

https://hanalytics.eu/js/script.js