nor.applersg.com Open in urlscan Pro
2606:4700:3034::6818:6238 Public Scan

URL:
https://nor.applersg.com/
Submission: On October 16 via manual (October 16th 2020, 6:40:09 am UTC) from NO

Summary HTTP 267 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 36 IPs in 8 countries across 29 domains to perform 267 HTTP transactions. The main IP is 2606:4700:3034::6818:6238, located in United States and belongs to CLOUDFLARENET, US. The main domain is nor.applersg.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 9th 2020. Valid for: a year.

This is the only time nor.applersg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
99	2606:4700:303... 2606:4700:3034::6818:6238	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206e:9600:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	178.128.141.43 178.128.141.43	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	151.101.12.134 151.101.12.134	54113 (FASTLY) (FASTLY)
44	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
8	3.127.76.126 3.127.76.126	16509 (AMAZON-02) (AMAZON-02)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
12	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
4	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
6	108.128.209.152 108.128.209.152	16509 (AMAZON-02) (AMAZON-02)
2 3	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:206... 2600:9000:206e:9600:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206e:9e00:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.195.43.194 18.195.43.194	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.36.109.166 54.36.109.166	16276 (OVH) (OVH)
1	23.210.249.92 23.210.249.92	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
20	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:fc00:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1 3	104.111.238.139 104.111.238.139	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:206... 2600:9000:206e:fa00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
267	36

99 2606:4700:3034::6818:6238 (United States)

ASN13335 (CLOUDFLARENET, US)

nor.applersg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
applersg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:9600:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.128.141.43 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

popcornews.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

applersg.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f34.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.127.76.126 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com

g.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.253 (Germany)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.144.59.88 (United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.128.209.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-209-152.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.27 (Ascension Island) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:9600:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:9e00:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.43.194 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-43-194.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7eb8347b83b29122b8ff590a4868d64e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.109.166 (Germany)

ASN16276 (OVH, FR)
PTR: p10.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.92 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-92.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.164 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:fc00:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.238.139 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-139.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:fa00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
99	applersg.com nor.applersg.com applersg.com	1 MB
47	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	218 KB
38	googlesyndication.com pagead2.googlesyndication.com 7eb8347b83b29122b8ff590a4868d64e.safeframe.googlesyndication.com tpc.googlesyndication.com	602 KB
20	ampproject.org cdn.ampproject.org	392 KB
9	ezoic.net g.ezoic.net go.ezoic.net	2 KB
6	gumgum.com g2.gumgum.com	5 KB
6	google.com 1 redirects adservice.google.com www.google.com	2 KB
4	a-mo.net prebid.a-mo.net	1 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com bidder.criteo.com	1 KB
4	yandex.ru 1 redirects mc.yandex.ru	97 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	onetag-sys.com onetag-sys.com	531 B
3	google-analytics.com ssl.google-analytics.com	18 KB
3	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com	32 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	gstatic.com fonts.gstatic.com	22 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	casalemedia.com 2 redirects ssum.casalemedia.com	2 KB
2	criteo.net static.criteo.net	48 KB
2	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	116 B
2	popcornews.me popcornews.me	15 KB
1	quantcount.com rules.quantcount.com	348 B
1	googleapis.com fonts.googleapis.com	761 B
1	id5-sync.com id5-sync.com	927 B
1	googletagservices.com www.googletagservices.com	27 KB
1	google.de adservice.google.de	168 B
1	consensu.org c.sharethis.mgr.consensu.org
1	disqus.com applersg.disqus.com	1 KB
267	29

	Domain	Requested by
62	nor.applersg.com	nor.applersg.com
44	securepubads.g.doubleclick.net	nor.applersg.com securepubads.g.doubleclick.net
37	applersg.com	nor.applersg.com applersg.com
26	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com nor.applersg.com cdn.ampproject.org
20	cdn.ampproject.org	securepubads.g.doubleclick.net
9	pagead2.googlesyndication.com	nor.applersg.com pagead2.googlesyndication.com
8	g.ezoic.net	nor.applersg.com
6	g2.gumgum.com	nor.applersg.com
4	www.google.com	1 redirects nor.applersg.com
4	prebid.a-mo.net	nor.applersg.com
4	mc.yandex.ru	1 redirects nor.applersg.com
3	sb.scorecardresearch.com	1 redirects go.ezoic.net
3	7eb8347b83b29122b8ff590a4868d64e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	ib.adnxs.com	2 redirects nor.applersg.com
3	onetag-sys.com	nor.applersg.com
3	ssl.google-analytics.com	nor.applersg.com
2	fonts.gstatic.com	fonts.googleapis.com
2	ap.lijit.com	2 redirects
2	ssum.casalemedia.com	2 redirects
2	static.criteo.net	nor.applersg.com static.criteo.net
2	gum.criteo.com	1 redirects static.criteo.net
2	popcornews.me	nor.applersg.com popcornews.me
2	adservice.google.com	nor.applersg.com pagead2.googlesyndication.com
1	pixel.quantserve.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	go.ezoic.net
1	go.ezoic.net	nor.applersg.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	ads.pubmatic.com	nor.applersg.com
1	id5-sync.com	nor.applersg.com
1	l.sharethis.com	platform-api.sharethis.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	bidder.criteo.com	nor.applersg.com
1	hbopenbid.pubmatic.com	nor.applersg.com
1	mug.criteo.com	nor.applersg.com
1	applersg.disqus.com	nor.applersg.com
1	platform-api.sharethis.com	nor.applersg.com
267	41

This site contains links to these domains. Also see Links.

Domain
silktide.com
tha.applersg.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-09` - `2021-08-09`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
popcornews.me Let's Encrypt Authority X3	`2020-08-31` - `2020-11-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
ezoic.net Let's Encrypt Authority X3	`2020-09-25` - `2020-12-24`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-09-04` - `2020-12-03`	3 months	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
onetag-sys.com Let's Encrypt Authority X3	`2020-09-02` - `2020-12-01`	3 months	crt.sh
*.a-mo.net Let's Encrypt Authority X3	`2020-10-07` - `2021-01-05`	3 months	crt.sh
*.gumgum.com Amazon	`2020-07-03` - `2021-08-03`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-09-04` - `2020-12-03`	3 months	crt.sh
*.id5-sync.com Let's Encrypt Authority X3	`2020-09-27` - `2020-12-26`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.ezoic.net Amazon	`2020-03-15` - `2021-04-15`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://nor.applersg.com/
Frame ID: E4D2BF35349A047A4528746EA320AB63
Requests: 196 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201008/r20190131/zrt_lookup.html
Frame ID: 347E9A496B18D6EA8CEBDDE4198F9574
Requests: 1 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: D4989341267505A628EAE402739A1AE9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5902083285302779&output=html&adk=1812271804&adf=3025194257&lmt=1602830393&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A128%2C9%3A32904%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fnor.applersg.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602830393133&bpp=11&bdt=366&idt=147&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7465453645173&frm=20&pv=2&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_fc=0&ga_wpids=UA-131124028-26&iag=0&icsg=4436305872683016&dssz=81&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3057600044535346&pem=3&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=168
Frame ID: 0129BAD401FB2A4D0BFAEE0422BAA2EF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: EB68BA618349D4BA34CF25C3AA727110
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=nor.applersg.com
Frame ID: 0A9CFBDB80C12F9E676961581DEBBFE8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: ABC1A5DD9BFE27D56F94B48DD1C6C825
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1602830393204
Frame ID: CB03A24B58557A9B44017866B26539DD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs
Frame ID: 52379E5BA09F9455E0087F6FC892833E
Requests: 18 HTTP requests in this frame

Frame: https://7eb8347b83b29122b8ff590a4868d64e.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: F1A79FF51C3F9AE77863827B689216C4
Requests: 1 HTTP requests in this frame

Frame: https://7eb8347b83b29122b8ff590a4868d64e.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 9D4433F8D67843DDF65F1A603FB2F875
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs
Frame ID: 89E1091C1720CC785353B12E59180E1D
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs
Frame ID: 6A78453D526A76AD36EDD4D7F6FEA2FD
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs
Frame ID: A8EFAED7F027FAF6B1E8461488F50C50
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

267
Requests

99 %
HTTPS

54 %
IPv6

29
Domains

41
Subdomains

36
IPs

8
Countries

2680 kB
Transfer

5676 kB
Size

31
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://silktide.com/cookieconsent
Title: Cookie Consent plugin for the EU cookie law

Search URL Search Domain Scan URL

URL: https://tha.applersg.com/
Title: applersg.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnor.applersg.com%2F&domain=nor.applersg.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=genL9nxCdjc1ZzNCVzBsZ3dHdmFxSTdsaVg2V1BZcGJBMDgvRGx5RVlVSTRVdiszWnZOZzVsSEVjOURhK3hOVERqUEtrU2p3RWUrclVIblVmaXcvRmhhR0YwT3RCTUJUUmdSbjZsSDVTWUt0M1VCbTBTd1ErMzJXRG0rQWh4T2FpMk9hZmhxL3dkZ3ZxdmUyOFI1R21DV3AzK2t6aXJSMXlINCtDcWorbzk3eUJyT2RPSzNRSFl5WlJTT3dmQmdQTldvZzhvRHNTa29iT1BVNEo2L0xCbk5uNVpNOHlDVG9YYUxBK3RFd0dNWnZwVEprPXw&cppv=2

Request Chain 92

https://mc.yandex.ru/watch/49779424?wmode=7&page-url=https%3A%2F%2Fnor.applersg.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1602830392105%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201016083953%3Aet%3A1602830393%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A92816628269%3Arqn%3A1%3Arn%3A77712047%3Ahid%3A1015375528%3Ads%3A18%2C17%2C622%2C4%2C0%2C0%2C0%2C192%2C66%2C%2C%2C%2C854%3Afp%3A783%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1602830393%3Au%3A1602830393230793980%3At%3AApple-Utstyr%20Og%20Alt%20Forbundet%20Med%20Det%20-%20applersg.com HTTP 302
https://mc.yandex.ru/watch/49779424/1?wmode=7&page-url=https%3A%2F%2Fnor.applersg.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1602830392105%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201016083953%3Aet%3A1602830393%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A92816628269%3Arqn%3A1%3Arn%3A77712047%3Ahid%3A1015375528%3Ads%3A18%2C17%2C622%2C4%2C0%2C0%2C0%2C192%2C66%2C%2C%2C%2C854%3Afp%3A783%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1602830393%3Au%3A1602830393230793980%3At%3AApple-Utstyr%20Og%20Alt%20Forbundet%20Med%20Det%20-%20applersg.com

Request Chain 118

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1bfb8973-6ef5-47a3-b723-fa7ad550031d%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D1bfb8973-6ef5-47a3-b723-fa7ad550031d%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://prebid.a-mo.net/setuid?A=1bfb8973-6ef5-47a3-b723-fa7ad550031d&D=&bidder=appnexus&uid=1324480661877772756

Request Chain 119

https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1bfb8973-6ef5-47a3-b723-fa7ad550031d%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1bfb8973-6ef5-47a3-b723-fa7ad550031d%26D%3D%26bidder%3Dindex_rtb%26uid%3D&C=1 HTTP 302
https://prebid.a-mo.net/setuid?A=1bfb8973-6ef5-47a3-b723-fa7ad550031d&D=&bidder=index_rtb&uid=X4lAPFVbLGAAAG19MtgAAAC2%261212

Request Chain 121

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1bfb8973-6ef5-47a3-b723-fa7ad550031d%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1bfb8973-6ef5-47a3-b723-fa7ad550031d%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://prebid.a-mo.net/setuid?A=1bfb8973-6ef5-47a3-b723-fa7ad550031d&D=&bidder=sovrn&uid=4273bc492ee00c1770fd7527

Request Chain 153

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 175

https://sb.scorecardresearch.com/b?c1=2&c2=20015427&ns__t=1602830398640&ns_c=UTF-8&cv=3.5&c8=Apple-Utstyr%20Og%20Alt%20Forbundet%20Med%20Det%20-%20applersg.com&c7=https%3A%2F%2Fnor.applersg.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1602830398640&ns_c=UTF-8&cv=3.5&c8=Apple-Utstyr%20Og%20Alt%20Forbundet%20Med%20Det%20-%20applersg.com&c7=https%3A%2F%2Fnor.applersg.com%2F&c9=&cs_ak_ss=1

267 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
nor.applersg.com/ 98 KB
21 KB 658ms
622ms Document
text/html 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: febdc37e23cafa734485dc27177a23e162f267903c490ccc9b1e8a85751ce142

Request headers

:method: GET
:authority: nor.applersg.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 16 Oct 2020 06:39:52 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=de50372ab2ea73c72680e72da125f52231602830392; expires=Sun, 15-Nov-20 06:39:52 GMT; path=/; domain=.applersg.com; HttpOnly; SameSite=Lax; Secure ezoadgid_112957=-1; Path=/; Domain=applersg.com; Expires=Fri, 16 Oct 2020 07:09:52 UTC ezoref_112957=; Path=/; Domain=applersg.com; Expires=Fri, 16 Oct 2020 08:39:52 UTC ezoab_112957=mod1; Path=/; Domain=applersg.com; Expires=Fri, 16 Oct 2020 08:39:52 UTC active_template::112957=pub_site.1602830392; Path=/; Domain=applersg.com; Expires=Sun, 18 Oct 2020 06:39:52 UTC ezopvc_112957=1; Path=/; Domain=applersg.com; Expires=Fri, 16 Oct 2020 07:09:52 UTC ezepvv=786; Path=/; Domain=applersg.com; Expires=Sat, 17 Oct 2020 06:39:52 UTC lp_112957=https://nor.applersg.com/; Path=/; Domain=applersg.com; Expires=Fri, 16 Oct 2020 08:39:52 UTC ezovid_112957=484633883; Path=/; Domain=applersg.com; Expires=Fri, 16 Oct 2020 07:09:52 UTC ezovuuidtime_112957=1602830392; Path=/; Domain=applersg.com; Expires=Sun, 18 Oct 2020 06:39:52 UTC ezovuuid_112957=e6019a10-7de7-4cd5-5b0f-5147a70075d7; Path=/; Domain=applersg.com; Expires=Fri, 16 Oct 2020 07:09:52 UTC ezCMPCCS=true; Path=/; Domain=applersg.com; Expires=Sat, 16 Oct 2021 06:39:52 GMT
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, no-cache, no-store
display: pub_site_sol
expires: Thu, 15 Oct 2020 06:39:52 GMT
pagespeed: off
response: 200
vary: Accept-Encoding Accept-Encoding
x-forwarded-for: 2a01:4f8:121:131a::2, 99.82.163.68
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-sol: pub_site
cf-cache-status: DYNAMIC
cf-request-id: 05d1bbf35100002b8986ab1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5e2fc8fee8b82b89-FRA
content-encoding: br

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 38ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nor.applersg.com

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 dall3270.js Show response
nor.applersg.com/porpoiseant/ 362 KB
103 KB 61ms
57ms Script
application/javascript 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nor.applersg.com/porpoiseant/dall3270.js?cb=191-2
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b95a3a8861b0ca2198fb54800d3c398d52817f49ca4672fb8ebbb2138edbe48

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 09 Oct 2020 18:05:54 GMT
server: cloudflare
etag: W/"5a8c0-5b140ccb52480;5b1b9042ac3a7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e2fc902d9952b89-FRA
cf-request-id: 05d1bbf5cc00002b896131c000000001

GET
H2 200 bootstrap.min.css
applersg.com/template/apple/css/ 136 KB
19 KB 29ms
19ms Stylesheet
text/css 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applersg.com/template/apple/css/bootstrap.min.css
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b00628163cf16acb9225ba30390854b0e3cdafc84ce2ecf159a3b6654528cea

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 4455
x-ezoic-cdn: Hit ds;mm;6a915576e8f40ba203408f4cc3b7f26f;2-112957-15;a97b43da-e9aa-45e5-68e4-1adc81d9fa80
x-forwarded-for: 62.93.21.127, 13.248.113.224
status: 200
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
cf-request-id: 05d1bbf5d200002b8983174000000001
response: 200
last-modified: Fri, 16 Oct 2020 03:54:15 GMT
server: cloudflare
etag: W/"21f45-572118f9ed997-gzip-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 5e2fc902e9b42b89-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 style.css
applersg.com/template/apple/css/ 21 KB
4 KB 24ms
14ms Stylesheet
text/css 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applersg.com/template/apple/css/style.css
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a7a21c1f1b3e08d079493da91812ed7f278d314051cf3f01a445dda311b4eaf

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 90235
x-ezoic-cdn: Miss
x-forwarded-for: 2001:b07:646a:2a6:f0c0:e594:c2c4:eafe, 99.82.163.42
status: 200
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
cf-request-id: 05d1bbf5d300002b896606f000000001
response: 200
last-modified: Thu, 15 Oct 2020 04:26:28 GMT
server: cloudflare
etag: W/"5295-572118fbeb5cb-gzip-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 5e2fc902e9bf2b89-FRA
display: staticcontent_sol, orig_site_sol
expires: Thu, 22 Oct 2020 05:35:57 GMT

GET
H2 200 flexslider.css
applersg.com/template/apple/css/ 4 KB
1 KB 27ms
18ms Stylesheet
text/css 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applersg.com/template/apple/css/flexslider.css
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9390948cc4848231ec89e2bc4a216ce3d76658d8017db503a2b1d7436d7cbc5

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 4455
x-ezoic-cdn: Miss
x-forwarded-for: 2a00:20:a022:8422:c03d:6ac:a6c2:2887, 99.82.163.65
status: 200
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
cf-request-id: 05d1bbf5d300002b8993a6d000000001
response: 200
last-modified: Thu, 15 Oct 2020 17:31:20 GMT
server: cloudflare
etag: W/"105b-572118fa86eb3-gzip-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 5e2fc902e9bc2b89-FRA
display: staticcontent_sol, orig_site_sol
expires: Fri, 23 Oct 2020 05:25:37 GMT

GET
H2 200 owl.carousel.css
applersg.com/template/apple/css/ 860 B
550 B 25ms
15ms Stylesheet
text/css 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applersg.com/template/apple/css/owl.carousel.css
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fc0b0660145ac9ad7029f8004767efa1b95c7929061ad620bb8428022c67f8

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 176104
x-ezoic-cdn: Hit ds;dd;6a3109170fde97a3b2acce4b5b3d945f;2-112957-15;067ee0a6-22ca-4153-60c5-faeebdf100bc
x-forwarded-for: 46.246.105.14, 13.248.120.37
status: 200
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
cf-request-id: 05d1bbf5d600002b896e18f000000001
response: 200
last-modified: Fri, 09 Oct 2020 18:05:54 GMT
server: cloudflare
etag: W/"35c-572118fbbd76c-gzip-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 5e2fc902e9bb2b89-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 animate.css
applersg.com/template/apple/css/ 35 KB
3 KB 28ms
18ms Stylesheet
text/css 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applersg.com/template/apple/css/animate.css
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac79f7385aeb7bd790a5d0a1b6d2cae41185bb8aa6f717272fb9d1aa47ce2f56

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 90235
x-ezoic-cdn: Hit ds;md;c37063ef6047a1d56f625988d415a1cb;2-112957-15;8488b7b8-d104-4ea0-7022-12f9b228616d
x-forwarded-for: 154.121.58.81, 99.82.163.205
status: 200
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
cf-request-id: 05d1bbf5d300002b894699f000000001
response: 200
last-modified: Wed, 14 Oct 2020 20:55:43 GMT
server: cloudflare
etag: W/"8b4e-572118f7c8c64-gzip-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 5e2fc902e9b92b89-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 owl.theme.css
applersg.com/template/apple/css/ 1 KB
597 B 25ms
16ms Stylesheet
text/css 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applersg.com/template/apple/css/owl.theme.css
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b22e3713b4f143a154ebbe747d93b8f840f8e82b647a00123683847df95dfd3

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 4455
x-ezoic-cdn: Miss
x-forwarded-for: 2a00:20:a022:8422:c03d:6ac:a6c2:2887, 99.82.163.67
status: 200
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
cf-request-id: 05d1bbf5d300002b89b4b05000000001
response: 200
last-modified: Fri, 16 Oct 2020 05:05:17 GMT
server: cloudflare
etag: W/"454-572118fbca28c-gzip-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 5e2fc902e9bd2b89-FRA
display: staticcontent_sol, orig_site_sol
expires: Fri, 23 Oct 2020 05:25:37 GMT

GET
H2 200 font-awesome.min.css
applersg.com/template/apple/css/ 26 KB
5 KB 29ms
20ms Stylesheet
text/css 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applersg.com/template/apple/css/font-awesome.min.css
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59e988efff59a4c4d7e464a8fe24b2797ced47c2a7ed87607b6ee0c6e9dc6be8

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 4455
x-ezoic-cdn: Hit ds;mm;d8da2352709e42e17f6630c5b318704b;2-112957-15;e4517051-dbcb-4f77-48ab-7c814ed5489f
x-forwarded-for: 98.128.167.195, 99.82.163.65
status: 200
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
cf-request-id: 05d1bbf5d300002b896eb51000000001
response: 200
last-modified: Fri, 16 Oct 2020 02:56:21 GMT
server: cloudflare
etag: W/"670f-572118fa89d93-gzip-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 5e2fc902e9ba2b89-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 99 KB
31 KB 79ms
19ms Script
text/javascript 2600:9000:206e:9600:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:9600:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 69231802cb66664de0bb8e6ed284c0376ca19865d4534d4e357ee47899912776

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:35:51 GMT
content-encoding: gzip
age: 241
etag: W/"18c16-H89yYyeMrvPZlZb0QgB+KzI5BIc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
status: 200
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: N6yQFTI5GKrg1Moj0z2UxNiVx_xgQ3qjZFyf_tIbEEbAz3CvpYB-0g==
via: 1.1 db5fd46eeb9457ed138e2c8651664df5.cloudfront.net (CloudFront)

GET
H2 200 / Show response
popcornews.me/ 14 KB
15 KB 80ms
20ms Script
application/javascript 178.128.141.43
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://popcornews.me/?pu=hazwenbsgu5ha3ddf4ytenzu

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.128.141.43 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

77c05e49f5e4121bcdf0b6df89373f6b5cd6846eea70156f416a59f4af54025d

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 16 Oct 2020 06:39:52 GMT
server: nginx
access-control-allow-origin: *
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 131 KB
46 KB 53ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10c0a5f290ccaa46aff0fb7061c865a96b5879fcc3a0f112b4d292b62f59348b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45748
x-xss-protection: 0
server: cafe
etag: 3045074480856053689
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 16 Oct 2020 06:39:52 GMT

GET
H2 200 cookieconsent.min.js Show response
nor.applersg.com/ezoic/ 4 KB
2 KB 25ms
24ms Script
application/javascript 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nor.applersg.com/ezoic/cookieconsent.min.js
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 05d1bbf5cc00002b896606e000000001
last-modified: Fri, 09 Oct 2020 18:05:54 GMT
server: cloudflare
etag: W/"11a4-5b140ccb52480-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 5e2fc902d9932b89-FRA
expires: Sat, 16 Oct 2021 06:39:52 GMT

GET
H2 200 logo.png
applersg.com/template/apple/img/ 13 KB
13 KB 19ms
12ms Image
image/png 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://applersg.com/template/apple/img/logo.png
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84eeafd08bebaac7b1ce9d961f2a845b612acc65944a29688ef6f26078811929

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1837168
x-ezoic-cdn: Hit ds;mm;c320c963a2a5f4ef5d57f09575335c74;2-112957-15;ba407a30-8301-4bd7-7519-824863ed6637
x-forwarded-for: 51.39.128.52, 99.82.163.45
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf61700002b8985992000000001
response: 200
last-modified: Thu, 24 Sep 2020 23:45:50 GMT
server: cloudflare
etag: W/"32e9-57211d12f5bed-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 5e2fc9035ab02b89-FRA
display: staticcontent_sol, staticcontent_sol

GET
H2 200 udk-iphone-ios-now-available.jpg
applersg.com/img/development/672/ 50 KB
50 KB 79ms
77ms Image
image/jpeg 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://applersg.com/img/development/672/udk-iphone-ios-now-available.jpg
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08cc0febbde79c65381c972a80b77c90812813f2cb7b23fa70513867daa3d275

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-forwarded-for: 2a01:4f8:121:131a::2, 99.82.163.66
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf62600002b894780f000000001
response: 200
last-modified: Fri, 16 Oct 2020 02:56:21 GMT
server: cloudflare
etag: W/"c87f-571e8f311a6b9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 5e2fc9037ae62b89-FRA
expires: Sun, 15 Nov 2020 06:39:52 GMT

GET
H2 200 hide-any-file-folder-making-it-invisible-mac-os-x-finder-with-setfile.png
applersg.com/img/command-line/821/ 33 KB
33 KB 93ms
92ms Image
image/png 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://applersg.com/img/command-line/821/hide-any-file-folder-making-it-invisible-mac-os-x-finder-with-setfile.png
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a7d986d12708735f184b07d2cd1e59871cd1bbe8290f9c8b7ab8d770dbb1238

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-forwarded-for: 2a01:4f8:121:131a::2, 99.82.163.65
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf62700002b8942a72000000001
response: 200
last-modified: Thu, 15 Oct 2020 17:31:21 GMT
server: cloudflare
etag: W/"8283-571e8def9c348-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 5e2fc9037ae72b89-FRA
expires: Sun, 15 Nov 2020 06:39:52 GMT

GET
H2 200 ten-os-x-command-line-utilities-you-might-not-know-about.png
applersg.com/img/command-line/848/ 67 KB
67 KB 82ms
81ms Image
image/png 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://applersg.com/img/command-line/848/ten-os-x-command-line-utilities-you-might-not-know-about.png
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9f7514589ab0fd139926135617cee878b5e2fdcabfe39ca0ce2e195483f3598

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-forwarded-for: 2a01:4f8:121:131a::2, 99.82.163.66
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf62700002b894b1a6000000001
response: 200
last-modified: Fri, 16 Oct 2020 05:05:19 GMT
server: cloudflare
etag: W/"10b20-571e8df8420ef-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 5e2fc9037ae82b89-FRA
expires: Sun, 15 Nov 2020 06:39:52 GMT

GET
H2 200 boise.js Show response
nor.applersg.com/detroitchicago/ 983 B
509 B 27ms
21ms Script
application/javascript 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nor.applersg.com/detroitchicago/boise.js?gcb=191-2&cb=1
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: max-age=31536000, public
cf-ray: 5e2fc9035ab12b89-FRA
cf-request-id: 05d1bbf61700002b898317a000000001

GET
H2 200 list-all-apps-downloaded-from-mac-app-store-via-command-line.jpg
applersg.com/img/command-line/263/ 14 KB
14 KB 58ms
57ms Image
image/jpeg 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://applersg.com/img/command-line/263/list-all-apps-downloaded-from-mac-app-store-via-command-line.jpg
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59a7eb85be3c1de9200286051f16e74bf9f0e3d8a95885949739d33c28e2ad7d

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-forwarded-for: 2a01:4f8:121:131a::2, 99.82.163.65
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf62700002b89a7963000000001
response: 200
last-modified: Thu, 15 Oct 2020 17:31:23 GMT
server: cloudflare
etag: W/"3665-571e8d584d191-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 5e2fc9037aeb2b89-FRA
expires: Sun, 15 Nov 2020 06:39:52 GMT

GET
H2 200 beta-4-os-x-10-11.jpg
applersg.com/img/apple-tv/811/ 16 KB
16 KB 81ms
53ms Image
image/jpeg 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://applersg.com/img/apple-tv/811/beta-4-os-x-10-11.jpg
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7103e832afb79f79b1cef1a089146db0a633c458e302f07fa31edfa1f74ea31

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-forwarded-for: 2a01:4f8:121:131a::2, 99.82.163.68
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf64700002b899e14f000000001
response: 200
last-modified: Thu, 15 Oct 2020 17:31:23 GMT
server: cloudflare
etag: W/"4002-571e8ceb21084-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 5e2fc903ab762b89-FRA
expires: Sun, 15 Nov 2020 06:39:52 GMT

GET
H2 200 how-hide-channels.jpg
applersg.com/img/apple-tv/220/ 52 KB
53 KB 118ms
90ms Image
image/jpeg 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://applersg.com/img/apple-tv/220/how-hide-channels.jpg
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcf235152a388915bfe790962f1ecdf4afc8bbd35f09c945a652c1e3949238fa

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-forwarded-for: 2a01:4f8:121:131a::2, 99.82.163.68
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf64800002b89b408f000000001
response: 200
last-modified: Fri, 16 Oct 2020 02:37:30 GMT
server: cloudflare
etag: W/"d1e7-571e8ccd2e16a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 5e2fc903ab7b2b89-FRA
expires: Sun, 15 Nov 2020 06:39:52 GMT

GET
H2 200 stream-from-itunes-apple-tv-with-new-remote-app.jpg
applersg.com/img/apple-tv/205/ 52 KB
52 KB 119ms
91ms Image
image/jpeg 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://applersg.com/img/apple-tv/205/stream-from-itunes-apple-tv-with-new-remote-app.jpg
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3866a28f74bbe7283778cb7e5d12bcb431c1e6c286399d576b8a7f9b57b56cc

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-forwarded-for: 2a01:4f8:121:131a::2, 99.82.163.67
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf64700002b89aa8f5000000001
response: 200
last-modified: Thu, 15 Oct 2020 17:31:20 GMT
server: cloudflare
etag: W/"cfe0-571e8cccd632c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 5e2fc903ab7c2b89-FRA
expires: Sun, 15 Nov 2020 06:39:52 GMT

GET
H2 200 apple-tv-jailbreak-coming-soon.jpg
applersg.com/img/apple-tv/667/ 5 KB
5 KB 84ms
56ms Image
image/jpeg 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://applersg.com/img/apple-tv/667/apple-tv-jailbreak-coming-soon.jpg
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 975f86f3d2a91a4087fe292a3a0db8e1e28512ffc3d47fc38f0e305fc2db0406

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-forwarded-for: 2a01:4f8:121:131a::2, 99.82.163.65
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf64700002b896cb86000000001
response: 200
last-modified: Fri, 16 Oct 2020 02:56:20 GMT
server: cloudflare
etag: W/"140c-571e8ce1718e4-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 5e2fc903ab7e2b89-FRA
expires: Sun, 15 Nov 2020 06:39:52 GMT

GET
H2 200 i3d-app-shows-3d-graphics-iphone-4-ipad-2-with-no-glasses-required.jpg
applersg.com/img/fun/761/ 22 KB
22 KB 94ms
67ms Image
image/jpeg 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://applersg.com/img/fun/761/i3d-app-shows-3d-graphics-iphone-4-ipad-2-with-no-glasses-required.jpg
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae33fd4876cd73bcb5ede603df85d921481d12f56a69396b1d676e2ff3fb12cc

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-forwarded-for: 2a01:4f8:121:131a::2, 99.82.163.65
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf64700002b89572a1000000001
response: 200
last-modified: Thu, 15 Oct 2020 17:31:21 GMT
server: cloudflare
etag: W/"5797-571e8ff388853-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 5e2fc903ab7f2b89-FRA
expires: Sun, 15 Nov 2020 06:39:52 GMT

GET
H2 200 ios-10-beta-2-macos-sierra-beta-2.jpg
applersg.com/img/news/365/ 42 KB
42 KB 125ms
98ms Image
image/jpeg 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://applersg.com/img/news/365/ios-10-beta-2-macos-sierra-beta-2.jpg
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92e68d25e51895e6bfb563b7210a707f7041026ff22b1693439be9b8ba646be1

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-forwarded-for: 2a01:4f8:121:131a::2, 99.82.163.65
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf64800002b898f3ad000000001
response: 200
last-modified: Thu, 15 Oct 2020 17:31:19 GMT
server: cloudflare
etag: W/"a645-571e9d2500b51-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 5e2fc903ab802b89-FRA
expires: Sun, 15 Nov 2020 06:39:52 GMT

GET
H2 200 apple-dominates-best-gift-ideas.jpg
applersg.com/img/fun/596/ 35 KB
35 KB 107ms
80ms Image
image/jpeg 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://applersg.com/img/fun/596/apple-dominates-best-gift-ideas.jpg
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d35902ecbccf57c790dd5e6b089f3bfd0c9c10d3e370bc020b1cf60e971b7cae

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-forwarded-for: 2a01:4f8:121:131a::2, 99.82.163.65
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf64800002b89509ab000000001
response: 200
last-modified: Thu, 15 Oct 2020 17:31:23 GMT
server: cloudflare
etag: W/"8d69-571e8fc547c65-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 5e2fc903ab812b89-FRA
expires: Sun, 15 Nov 2020 06:39:52 GMT

GET
H2 200 ipod-vending-machines.jpg
applersg.com/img/fun/331/ 46 KB
47 KB 119ms
92ms Image
image/jpeg 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://applersg.com/img/fun/331/ipod-vending-machines.jpg
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa6b5b4c28893b8d0bd1ee4455065947cd5451112f8ae3e0349150948eea7e38

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-forwarded-for: 2a01:4f8:121:131a::2, 99.82.163.65
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf64800002b8980955000000001
response: 200
last-modified: Thu, 15 Oct 2020 17:31:19 GMT
server: cloudflare
etag: W/"b9cd-571e8f7888700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 5e2fc903ab822b89-FRA
expires: Sun, 15 Nov 2020 06:39:52 GMT

GET
H2 200 how-save-photos-from-messages-mac-os-x-quickly-with-drag-drop.jpg
applersg.com/img/mac-os-x/319/ 13 KB
13 KB 74ms
46ms Image
image/jpeg 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://applersg.com/img/mac-os-x/319/how-save-photos-from-messages-mac-os-x-quickly-with-drag-drop.jpg
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 118394ffa72dd5a71add53eff4c4bce97ba5805fc0b1917f93adb1d5481dde6f

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-forwarded-for: 2a01:4f8:121:131a::2, 99.82.163.68
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf64800002b894f324000000001
response: 200
last-modified: Fri, 16 Oct 2020 06:02:13 GMT
server: cloudflare
etag: W/"3498-571e98ba8bfd5-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 5e2fc903ab832b89-FRA
expires: Sun, 15 Nov 2020 06:39:52 GMT

GET
H2 200 iphone-5-tv-commercials-start-air.jpg
applersg.com/img/iphone/555/ 29 KB
29 KB 96ms
69ms Image
image/jpeg 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://applersg.com/img/iphone/555/iphone-5-tv-commercials-start-air.jpg
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 409bae0628b24d0a88d35385e9d7c9711991bfe95957f07ee610f41276c5b652

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-forwarded-for: 2a01:4f8:121:131a::2, 99.82.163.66
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf64800002b8941b70000000001
response: 200
last-modified: Thu, 15 Oct 2020 17:31:30 GMT
server: cloudflare
etag: W/"745b-571e95d71c216-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 5e2fc903ab852b89-FRA
expires: Sun, 15 Nov 2020 06:39:52 GMT

GET
H2 200 os-x-10-10-3-update-available.jpg
applersg.com/img/mac-os-x/225/ 39 KB
39 KB 48ms
20ms Image
image/jpeg 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://applersg.com/img/mac-os-x/225/os-x-10-10-3-update-available.jpg
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 129db65319058b94e2d24022c63311b77aa3a3ab0c843044492a4574f5567c25

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 159881
x-ezoic-cdn: Miss
x-forwarded-for: 2a02:2450:1189:9a8:79fa:6859:416f:8e92, 99.82.163.40
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf64800002b897498b000000001
response: 200
last-modified: Fri, 09 Oct 2020 18:05:54 GMT
server: cloudflare
etag: W/"9b32-571e98380ee67-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 5e2fc903ab882b89-FRA
display: staticcontent_sol, staticcontent_sol
expires: Fri, 13 Nov 2020 10:15:11 GMT

GET
H2 200 os-x-mavericks-release-date-is-today.jpg
applersg.com/img/mac-os-x/101/ 68 KB
69 KB 128ms
100ms Image
image/jpeg 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://applersg.com/img/mac-os-x/101/os-x-mavericks-release-date-is-today.jpg
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b77875a301f0e5047b1a9c803837914d4558065a8b03933cc33474b59af5b15

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-forwarded-for: 2a01:4f8:121:131a::2, 99.82.163.65
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf64900002b896ab17000000001
response: 200
last-modified: Thu, 15 Oct 2020 17:31:36 GMT
server: cloudflare
etag: W/"111e5-571e9795d5d47-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 5e2fc903ab8a2b89-FRA
expires: Sun, 15 Nov 2020 06:39:52 GMT

GET
H2 200 4-tips-record-amazing-video-fireworks-with-iphone.jpg
applersg.com/img/ipad/930/ 97 KB
97 KB 128ms
100ms Image
image/jpeg 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://applersg.com/img/ipad/930/4-tips-record-amazing-video-fireworks-with-iphone.jpg
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 471195a760a6ea7c30f4415c119cc5a6632524840b0045d7c37c414bb09424d7

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-forwarded-for: 2a01:4f8:121:131a::2, 99.82.163.67
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf64900002b8985997000000001
response: 200
last-modified: Thu, 15 Oct 2020 17:31:24 GMT
server: cloudflare
etag: W/"183f4-571e947d50259-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 5e2fc903ab8c2b89-FRA
expires: Sun, 15 Nov 2020 06:39:52 GMT

GET
H2 200 mac-setup-macbook-pro-15-with-apple-cinema-display.jpg
applersg.com/img/mac-setups/682/ 53 KB
53 KB 109ms
81ms Image
image/jpeg 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://applersg.com/img/mac-setups/682/mac-setup-macbook-pro-15-with-apple-cinema-display.jpg
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0eef78f69a07323d7d7e9cdc52e7bd3d5f118330cac83d82e59963db6b33e442

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-forwarded-for: 2a01:4f8:121:131a::2, 99.82.163.67
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf64900002b894d0f8000000001
response: 200
last-modified: Fri, 16 Oct 2020 05:06:14 GMT
server: cloudflare
etag: W/"d37c-571e9ca6aa1f7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 5e2fc903ab8d2b89-FRA
expires: Sun, 15 Nov 2020 06:39:52 GMT

GET
H2 200 steve-jobs-was-asked-creator-lsd-help-promote-therapeutic-uses-drug.jpg
applersg.com/img/fun/363/ 77 KB
77 KB 122ms
93ms Image
image/jpeg 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://applersg.com/img/fun/363/steve-jobs-was-asked-creator-lsd-help-promote-therapeutic-uses-drug.jpg
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a80ad28356d459a51ef061d0767b88d85ef009e97ef9032ab6816159c509dd5

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-forwarded-for: 2a01:4f8:121:131a::2, 99.82.163.65
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf64a00002b89ad0bd000000001
response: 200
last-modified: Thu, 15 Oct 2020 17:31:31 GMT
server: cloudflare
etag: W/"133d9-571e8f8217b01-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 5e2fc903ab902b89-FRA
expires: Sun, 15 Nov 2020 06:39:52 GMT

GET
H2 200 jquery.min.js Show response
applersg.com/template/apple/js/ 94 KB
32 KB 19ms
18ms Script
application/javascript 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applersg.com/template/apple/js/jquery.min.js
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e7e1c16e351e7bfc80cddef9f98e99113ddb0d1e201be00d53955fe62f0e523

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4455
x-ezoic-cdn: Hit ds;mm;1d19c2d4df1a11a83af45a9630f9dcd8;2-112957-15;826fe48b-1d51-4cf5-4090-f97906650b61
x-forwarded-for: 62.93.21.127, 13.248.113.228
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf5f100002b899ba42000000001
response: 200
last-modified: Thu, 15 Oct 2020 17:31:20 GMT
server: cloudflare
etag: W/"176fd-572119011a80c-gzip-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 5e2fc9031a1c2b89-FRA
display: staticcontent_sol, staticcontent_sol

GET
H2 200 bootstrap.min.js Show response
applersg.com/template/apple/js/ 36 KB
9 KB 18ms
18ms Script
application/javascript 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applersg.com/template/apple/js/bootstrap.min.js
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4455
x-ezoic-cdn: Hit ds;mm;63677adce91d16f57b16f2acc381c271;2-112957-15;b8bd34db-b4d3-4727-6dbb-5b9a86bdc931
x-forwarded-for: 98.128.167.195, 99.82.163.66
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf60c00002b8980950000000001
response: 200
last-modified: Thu, 15 Oct 2020 17:31:24 GMT
server: cloudflare
etag: W/"8fd6-57211900e0e2d-gzip-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 5e2fc9034a842b89-FRA
display: staticcontent_sol, staticcontent_sol

GET
H2 200 jquery.flexslider-min.js Show response
applersg.com/template/apple/js/ 22 KB
6 KB 21ms
13ms Script
application/javascript 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applersg.com/template/apple/js/jquery.flexslider-min.js
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71e84f4b3a46857e0ee497d4890e8a90ba4889e3c72d3c39a1ea7f78c1f8065b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4455
x-ezoic-cdn: Hit ds;mm;e628468a4cf80537e5418cdac4985c8b;2-112957-15;9bec29d2-6ec3-4e7c-5dd8-d907029ea96e
x-forwarded-for: 62.93.21.127, 13.248.113.230
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf61600002b8986af8000000001
response: 200
last-modified: Fri, 16 Oct 2020 02:56:35 GMT
server: cloudflare
etag: W/"5616-572119010fc2c-gzip-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 5e2fc9035aab2b89-FRA
display: staticcontent_sol, staticcontent_sol

GET
H2 200 owl.carousel.js Show response
applersg.com/template/apple/js/ 53 KB
9 KB 21ms
14ms Script
application/javascript 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applersg.com/template/apple/js/owl.carousel.js
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0611f81ec5521ce8ec2d6a2a719d0de5273898618fa70e79ce1c8d9349c0d43

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4455
x-ezoic-cdn: Hit ds;mm;b4667225c3b63891b813d3db9bbce799;2-112957-15;fefc8982-ed50-4b79-6937-d0c14d3931e5
x-forwarded-for: 98.128.167.195, 99.82.163.67
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf61600002b89ad0b8000000001
response: 200
last-modified: Fri, 16 Oct 2020 05:05:19 GMT
server: cloudflare
etag: W/"d424-572119014384b-gzip-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 5e2fc9035aac2b89-FRA
display: staticcontent_sol, staticcontent_sol

GET
H2 200 custom.js Show response
applersg.com/template/apple/js/ 2 KB
631 B 18ms
11ms Script
application/javascript 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applersg.com/template/apple/js/custom.js
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2eb4d3912eb81a565f3695101fbc9aa1310bb54e5d04e27ca88301a0c943534

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4455
x-ezoic-cdn: Miss
x-forwarded-for: 2a00:20:a022:8422:c03d:6ac:a6c2:2887, 99.82.163.68
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf61600002b8970928000000001
response: 200
last-modified: Fri, 16 Oct 2020 04:27:21 GMT
server: cloudflare
etag: W/"6bf-57211900e2d6d-gzip-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 5e2fc9035aad2b89-FRA
display: staticcontent_sol, staticcontent_sol
expires: Fri, 23 Oct 2020 05:25:37 GMT

GET
H2 200 wow.min.js Show response
applersg.com/template/apple/js/ 7 KB
3 KB 19ms
12ms Script
application/javascript 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applersg.com/template/apple/js/wow.min.js
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6e4e7fe8cb48988e94ca8055ec02e044e2f9b6cb7a89a7c27b62f388cc0c983

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 90235
x-ezoic-cdn: Miss
x-forwarded-for: 2001:b07:646a:2a6:f0c0:e594:c2c4:eafe, 99.82.163.46
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf61700002b899ba46000000001
response: 200
last-modified: Thu, 15 Oct 2020 05:20:09 GMT
server: cloudflare
etag: W/"1bf3-572119014f3cb-gzip-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 5e2fc9035aae2b89-FRA
display: staticcontent_sol, staticcontent_sol
expires: Thu, 22 Oct 2020 05:35:57 GMT

GET
H/1.1 200
OK count.js Show response
applersg.disqus.com/ 1 KB
1 KB 78ms
21ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://applersg.disqus.com/count.js

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 06:39:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 204891
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 08 Oct 2020 19:21:32 GMT
Server: nginx
ETag: "5f7f66bc-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

GET
H2 200 houston.js Show response
nor.applersg.com/detroitchicago/ 3 KB
1 KB 23ms
20ms Script
application/javascript 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nor.applersg.com/detroitchicago/houston.js?gcb=2&cb=20
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15a2e154e2160b19efa400825df0da12d0d3aa6add96f3512602ac39dafdc3d7

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: max-age=31536000, public
cf-ray: 5e2fc9035ab22b89-FRA
cf-request-id: 05d1bbf61700002b895a857000000001

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 52 KB
18 KB 125ms
71ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

sffe /

Resource Hash

a4988ad727f6f2a048e97c92064d18a0d77ba523fa9c7a53e162309febfe2682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "664 / 478 of 1000 / last-modified: 1602799789"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17700
x-xss-protection: 0
expires: Fri, 16 Oct 2020 06:39:52 GMT

GET
H2 200 banger.js Show response
nor.applersg.com/porpoiseant/ 50 KB
11 KB 48ms
45ms Script
application/javascript 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nor.applersg.com/porpoiseant/banger.js?cb=191-2&bv=89&v=35&PageSpeed=off
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee2910e4b5209fc15058a67f5f33e18c43f5a2618395e081ba0e6d3191f21821

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
cf-ray: 5e2fc9035ab32b89-FRA
cf-request-id: 05d1bbf61700002b8961325000000001

GET
H2 200 memphis.js Show response
nor.applersg.com/detroitchicago/ 5 KB
2 KB 24ms
21ms Script
application/javascript 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nor.applersg.com/detroitchicago/memphis.js?gcb=191-2&cb=2
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3280d840db75382b0a366d79bcd0dbe276a33e62b7be641e27b8b4bf68f66156

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: max-age=31536000, public
cf-ray: 5e2fc9035ab52b89-FRA
cf-request-id: 05d1bbf61700002b89501d4000000001

GET
H2 200 minneapolis.js Show response
nor.applersg.com/detroitchicago/ 845 B
551 B 20ms
18ms Script
application/javascript 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nor.applersg.com/detroitchicago/minneapolis.js?gcb=191-2&cb=1
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa475af0fb05e1b76590fbc8eb5b49d3c1e772a8efbde59c9991e07972f1223e

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: max-age=31536000, public
cf-ray: 5e2fc9035ab62b89-FRA
cf-request-id: 05d1bbf61700002b89af93c000000001

GET
H2 200 raleigh.js Show response
nor.applersg.com/detroitchicago/ 2 KB
865 B 27ms
25ms Script
application/javascript 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nor.applersg.com/detroitchicago/raleigh.js?gcb=191-2&cb=1
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12ceaaa105abb177182163d2b3c95418076c4cd7881b107e39e1ae77dde7f7c1

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: max-age=31536000, public
cf-ray: 5e2fc9035ab82b89-FRA
cf-request-id: 05d1bbf61800002b89961cd000000001

GET
H2 200 tampa.js Show response
nor.applersg.com/detroitchicago/ 754 B
489 B 51ms
49ms Script
application/javascript 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nor.applersg.com/detroitchicago/tampa.js?gcb=191-2&cb=1
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2bd6d03b5ca4077052ad35975e64c93f8d790133a8ba0eea95d20fb5beb0b09

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: max-age=31536000, public
cf-ray: 5e2fc9035ab92b89-FRA
cf-request-id: 05d1bbf61800002b894780e000000001

GET
H2 200 rochester.js Show response
nor.applersg.com/detroitchicago/ 2 KB
834 B 47ms
45ms Script
application/javascript 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nor.applersg.com/detroitchicago/rochester.js?cb=191-2&v=9
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 777cc56d4fcbc36f7a94abab1b63d6c20cf73def1bc63f02aa2313b0aa609ada

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: max-age=31536000, public
cf-ray: 5e2fc9035aba2b89-FRA
cf-request-id: 05d1bbf61800002b8942a71000000001

GET
H2 200 css.css
applersg.com/template/apple/css/ 6 KB
771 B 15ms
15ms Stylesheet
text/css 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applersg.com/template/apple/css/css.css
Requested by: Host: applersg.com
URL: https://applersg.com/template/apple/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aa6ac00f568c333fa2ad3fb5459426ff882d4f5dcd8b4b6ac11b518e9748b13

Request headers

Referer: https://applersg.com/template/apple/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 175564
x-ezoic-cdn: Hit ds;dd;5a6af6b2a95593912d413767efdd7a1f;2-112957-15;80a2144d-d807-4232-7dac-231e2f16e3ef
x-forwarded-for: 78.72.182.22, 13.248.100.42
status: 200
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
cf-request-id: 05d1bbf5fa00002b896ab0f000000001
response: 200
last-modified: Fri, 09 Oct 2020 18:05:54 GMT
server: cloudflare
etag: W/"1881-572118f9fb457-gzip-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 5e2fc9032a442b89-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 44ms
6ms Script
text/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 634
date: Fri, 16 Oct 2020 06:29:18 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 16 Oct 2020 08:29:18 GMT

GET
H2 200 ezosuigeneris.js Show response
g.ezoic.net/ 555 B
562 B 80ms
27ms Script
text/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezosuigeneris.js
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 8d103a9144e8047b29babe84278fda2b8cdc1c150fd0f8a91408f2e278ed6db4

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
last-modified: Fri, 16 Oct 2020 06:01:35 GMT
server: nginx/1.16.0
etag: c70f7b6240c2fa078071838370a30d3c
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=999999, private
content-length: 276
expires: Mon, 29 Apr 2020 21:44:55 GMT

GET
H2 200 l.svg
nor.applersg.com/utilcave_com/ 965 B
863 B 57ms
57ms Image
image/svg+xml 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/utilcave_com/l.svg
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cc19c02d87c3360d404c6dcf6e7982304f5e54abda4209de7a3bc44d3c54883

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-sol: middleton
cf-request-id: 05d1bbf61b00002b89469a5000000001
last-modified: Thu, 15 Oct 2020 17:31:19 GMT
server: cloudflare
etag: W/"3c5-5ac9ecc7b5bc0-gzip-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=604800
cf-ray: 5e2fc9035ac42b89-FRA
expires: Fri, 23 Oct 2020 06:39:52 GMT

GET
H2 200 BngRUXZYTXPIvIBgJJSb6u92w7CGwR0.woff2
applersg.com/template/apple/css/ 17 KB
18 KB 84ms
63ms Font
font/woff2 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applersg.com/template/apple/css/BngRUXZYTXPIvIBgJJSb6u92w7CGwR0.woff2
Requested by: Host: applersg.com
URL: https://applersg.com/template/apple/css/css.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c45003af2c9eeeec9ac1206dd1bb6d6b759798be69d22e87fa868dc8ca056bd

Request headers

Origin: https://nor.applersg.com
Referer: https://applersg.com/template/apple/css/css.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-forwarded-for: 2a01:4f8:121:131a::2, 99.82.163.67
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf62f00002c0d46834000000001
response: 200
last-modified: Thu, 15 Oct 2020 17:31:19 GMT
server: cloudflare
etag: W/"447c-572118f8c0d1e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 5e2fc9037e052c0d-FRA
expires: Fri, 23 Oct 2020 06:39:52 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
applersg.com/template/apple/css/ 17 KB
17 KB 78ms
65ms Font
font/woff2 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applersg.com/template/apple/css/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by: Host: applersg.com
URL: https://applersg.com/template/apple/css/css.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e099f52508ea4e3c116643ff36383375e8ab33ce866e5ab4f17b63f142e98e4

Request headers

Origin: https://nor.applersg.com
Referer: https://applersg.com/template/apple/css/css.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-forwarded-for: 2a01:4f8:121:131a::2, 99.82.163.66
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf62f00002c0d1c192000000001
response: 200
last-modified: Thu, 15 Oct 2020 17:31:17 GMT
server: cloudflare
etag: W/"4410-572118f860240-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 5e2fc9037e0a2c0d-FRA
expires: Fri, 23 Oct 2020 06:39:52 GMT

GET
H/1.1 200
OK tag.js Show response
mc.yandex.ru/metrika/ 368 KB
94 KB 162ms
63ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

130f24f868c4364f20cd2b7afd416b01e5fe5efea9034701c4130fa14c1910fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 06:39:53 GMT
Content-Encoding: br
Last-Modified: Tue, 06 Oct 2020 13:44:27 GMT
ETag: "5f75f273-175fc"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Content-Length: 95740
Expires: Fri, 16 Oct 2020 07:39:53 GMT

GET
H2 200 anchorfix.js Show response
nor.applersg.com/ezoic/ 879 B
523 B 27ms
25ms Script
application/javascript 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nor.applersg.com/ezoic/anchorfix.js?cb=191-2
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15f0626dd31e3e991a1c21d6304f2e370b92b3c91650de3d7ed8a38f1159a457

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
cache-control: max-age=31536000
cf-ray: 5e2fc9040c4b2b89-FRA
cf-request-id: 05d1bbf68400002b89a8212000000001
expires: Sat, 16 Oct 2021 06:39:52 GMT

GET
H2 200 jellyfish.webp Show response
nor.applersg.com/porpoiseant/ 58 KB
12 KB 64ms
63ms Script
application/javascript 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nor.applersg.com/porpoiseant/jellyfish.webp?a=a&cb=191-2&shcb=34
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0001e893552b1e9805eaf2cfe9b6867ddb916e2213083d8d1513aa3e2ee2dd78

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:53 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
cache-control: max-age=31536000
cf-ray: 5e2fc9040c502b89-FRA
cf-request-id: 05d1bbf68400002b8980959000000001

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 94 KB
33 KB 41ms
27ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

627f350205a35965309770d25fb8cc66f952b60a93f99ad56ae5d6776a8e7bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33389
x-xss-protection: 0
server: cafe
etag: 14003085089450645891
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 16 Oct 2020 06:39:52 GMT

GET
H2 200 fontawesome-webfont.woff2
applersg.com/template/apple/css/ 55 KB
56 KB 79ms
79ms Font
font/woff2 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applersg.com/template/apple/css/fontawesome-webfont.woff2
Requested by: Host: applersg.com
URL: https://applersg.com/template/apple/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Origin: https://nor.applersg.com
Referer: https://applersg.com/template/apple/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:53 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-forwarded-for: 2a01:4f8:121:131a::2, 99.82.163.68
status: 200
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
cf-request-id: 05d1bbf68600002c0d3196e000000001
response: 200
last-modified: Fri, 16 Oct 2020 06:01:38 GMT
server: cloudflare
etag: W/"ddcc-572118fb2a010-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 5e2fc9040f352c0d-FRA
expires: Fri, 23 Oct 2020 06:39:53 GMT

GET
H2 200 imp.gif
nor.applersg.com/detroitchicago/ 43 B
185 B 21ms
21ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A1%2C%22ad_count_adjustment%22%3A0%2C%22ad_lazyload_version%22%3A3%2C%22ad_location_ids%22%3A%220%2C0%2C0%2C0%2C1%2C5%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A6%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A3%2C%22city%22%3A%22%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A2%2C%22domain_id%22%3A112957%2C%22domain_test_group%22%3A20200401%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22forensiq_score%22%3A-1%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22596%22%2C%22iab_category_1%22%3A%22602%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221100%2C1101%2C1101%2C1101%2C1101%2C1103%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22fbc35984-026f-4a0b-711f-7f5107b42698%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_time_orig%22%3A347%2C%22serverid%22%3A%2235.156.219.154%3A12477%22%2C%22state%22%3A%22%22%2C%22sub_page_ad_positions%22%3A%221100%2C1101%2C1101%2C1101%2C1101%2C1103%22%2C%22t_epoch%22%3A1602830392%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fnor.applersg.com%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A1122%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:53 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
status: 200
x-middleton-display: imp_sol
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 5e2fc904bdc62b89-FRA
content-length: 43
cf-request-id: 05d1bbf6f000002b897a8cc000000001

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnor.applersg.com%2F&domain=nor.applersg.com&cw=1
https://mug.criteo.com/sid?cpp=genL9nxCdjc1ZzNCVzBsZ3dHdmFxSTdsaVg2V1BZcGJBMDgvRGx5RVlVSTRVdiszWnZOZzVsSEVjOURhK3hOVERqUEtrU2p3RWUrclVIblVmaXcvRmhhR0YwT3RCTUJUUmdSbjZsSDVTWUt0M1VCbTBTd1ErMzJXRG0rQW...

340 B
633 B

101ms
32ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=genL9nxCdjc1ZzNCVzBsZ3dHdmFxSTdsaVg2V1BZcGJBMDgvRGx5RVlVSTRVdiszWnZOZzVsSEVjOURhK3hOVERqUEtrU2p3RWUrclVIblVmaXcvRmhhR0YwT3RCTUJUUmdSbjZsSDVTWUt0M1VCbTBTd1ErMzJXRG0rQWh4T2FpMk9hZmhxL3dkZ3ZxdmUyOFI1R21DV3AzK2t6aXJSMXlINCtDcWorbzk3eUJyT2RPSzNRSFl5WlJTT3dmQmdQTldvZzhvRHNTa29iT1BVNEo2L0xCbk5uNVpNOHlDVG9YYUxBK3RFd0dNWnZwVEprPXw&cppv=2

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

fdf256b16cc912ef3045cd564b67174b7fb37380ac0ab8334d97c9171319d06f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 16 Oct 2020 06:39:53 GMT
status: 200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1174
content-length: 340
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
status: 302
date: Fri, 16 Oct 2020 06:39:52 GMT
location: https://mug.criteo.com/sid?cpp=genL9nxCdjc1ZzNCVzBsZ3dHdmFxSTdsaVg2V1BZcGJBMDgvRGx5RVlVSTRVdiszWnZOZzVsSEVjOURhK3hOVERqUEtrU2p3RWUrclVIblVmaXcvRmhhR0YwT3RCTUJUUmdSbjZsSDVTWUt0M1VCbTBTd1ErMzJXRG0rQWh4T2FpMk9hZmhxL3dkZ3ZxdmUyOFI1R21DV3AzK2t6aXJSMXlINCtDcWorbzk3eUJyT2RPSzNRSFl5WlJTT3dmQmdQTldvZzhvRHNTa29iT1BVNEo2L0xCbk5uNVpNOHlDVG9YYUxBK3RFd0dNWnZwVEprPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 905
content-length: 482
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 104ms
71ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 16 Oct 2020 06:39:53 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://nor.applersg.com

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
447 B 73ms
27ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/porpoiseant/dall3270.js?cb=191-2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.253 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
status: 200
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://nor.applersg.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H2 200 c Show response
prebid.a-mo.net/a/ 715 B
786 B 287ms
111ms XHR
application/json 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 , United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 4fde19fbe4c978100434b99d2a96e779fa1118a3f7a0c844fbc63820ff2bb18c

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Oct 2020 06:39:52 GMT
content-encoding: gzip
server: envoy
status: 200
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nor.applersg.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 24
content-length: 356

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 295 B
860 B 98ms
36ms XHR
application/json 108.128.209.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20829&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.com%2C33e49a14cac43c151680982df18fe02f%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnor.applersg.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=null&ns=10240
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.209.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-209-152.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ee995a5cf6d31e78ab94dafcee554098ec88848d7d0354d0e3350784bff20116

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 06:39:53 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://nor.applersg.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 295 B
858 B 112ms
50ms XHR
application/json 108.128.209.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20829&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.com%2C33e49a14cac43c151680982df18fe02f%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnor.applersg.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=null&ns=10240
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.209.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-209-152.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0405b2e0cbcd7bc26571d899f3195e8971c474b7f958e5ce447c1b7e10be309c

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 06:39:53 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://nor.applersg.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 295 B
859 B 98ms
36ms XHR
application/json 108.128.209.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20829&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.com%2C33e49a14cac43c151680982df18fe02f%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnor.applersg.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=null&ns=10240
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.209.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-209-152.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fbf1a5dd327d3f60dcdd27402783ed291311877a4b6b59e3b0adb2cd892215b9

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 06:39:53 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://nor.applersg.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 295 B
860 B 111ms
49ms XHR
application/json 108.128.209.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20829&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.com%2C33e49a14cac43c151680982df18fe02f%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnor.applersg.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=null&ns=10240
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.209.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-209-152.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 991587d785ed3c635b2eb99520f267b1e4e182e5427baca5902f72bc6519756e

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 06:39:53 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://nor.applersg.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 295 B
861 B 101ms
40ms XHR
application/json 108.128.209.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20831&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.com%2C33e49a14cac43c151680982df18fe02f%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnor.applersg.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=null&ns=10240
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.209.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-209-152.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bc3b0143190f14aab48aa7934383d5ec2fcc6e2c1edd2b052a0d0f1d5056a74c

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 06:39:53 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://nor.applersg.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 295 B
858 B 98ms
37ms XHR
application/json 108.128.209.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20904&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.com%2C33e49a14cac43c151680982df18fe02f%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnor.applersg.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=null&ns=10240
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.209.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-209-152.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f7c1bf3038928f32470a492ca64f6bcac4bb65ac2fab22cde5f71406d183840c

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 06:39:53 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://nor.applersg.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
714 B 68ms
23ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/porpoiseant/dall3270.js?cb=191-2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Oct 2020 06:39:53 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.156:80
AN-X-Request-Uuid: e63bb126-c364-4d84-b288-517555fe8d83
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://nor.applersg.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
146 B 82ms
26ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=3.27.0&cb=11484645106
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 16 Oct 2020 06:39:52 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://nor.applersg.com
timing-allow-origin: *
vary: Origin

GET
H2 200 anaheim.js Show response
nor.applersg.com/detroitchicago/ 665 B
446 B 21ms
19ms Script
application/javascript 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nor.applersg.com/detroitchicago/anaheim.js?gcb=2&cb=1
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c090c938bbe4c0ed91065ff339cc4799f3758b9c1df20af104ac749ec285f97e

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:53 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: max-age=31536000, public
cf-ray: 5e2fc904ee242b89-FRA
cf-request-id: 05d1bbf71300002b89af94d000000001

GET
H2 200 ezosuigenerisc.js Show response
g.ezoic.net/ 0
77 B 26ms
25ms Script
text/html 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezosuigenerisc.js?nogen=1
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 16 Oct 2020 06:39:53 GMT
cache-control: max-age=300, private
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 edmonton.webp Show response
nor.applersg.com/detroitchicago/ 14 KB
4 KB 25ms
24ms Script
application/javascript 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nor.applersg.com/detroitchicago/edmonton.webp?a=a&cb=191-2&shcb=34
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 997e1fbf8331c9f3af1ff0ace8c73754cbfce4c143c785b7bc44dbcead23576e

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:53 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
cache-control: max-age=31536000
cf-ray: 5e2fc904ee2a2b89-FRA
cf-request-id: 05d1bbf71300002b8996963000000001

GET
H2 200 greenoaks.gif
nor.applersg.com/detroitchicago/ 43 B
193 B 40ms
39ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJkb21haW5faWQiOiIxMTI5NTciLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJkYXRhIjpbeyJuYW1lIjoiZXh0X3VzZXJfaGFzaCIsInZhbCI6Ik5UIn1dfV0=
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:53 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bbf71300002b896f096000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc904ee2c2b89-FRA
expires: Thu, 15 Oct 2020 06:39:53 UTC

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
418 B 35ms
20ms Image
image/gif 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1083602083&utmhn=nor.applersg.com&utme=8(template*t*rid*bra)9(pub_site*134*0*mod1)11(3!2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Apple-Utstyr%20Og%20Alt%20Forbundet%20Med%20Det%20-%20applersg.com&utmhid=771696603&utmr=-&utmp=%2F&utmht=1602830393118&utmac=UA-131124028-26&utmcc=__utma%3D222222664.918754954.1602830393.1602830393.1602830393.1%3B%2B__utmz%3D222222664.1602830393.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1021551177&utmredir=1&utmmt=1&utmu=iTAgAAAAACAAAAAAAAAAAABE~

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 06:39:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
57 B 35ms
20ms Image
image/gif 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=1399147583&utmhn=nor.applersg.com&utme=8(template*domain)9(pub_site*applersg.com)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Apple-Utstyr%20Og%20Alt%20Forbundet%20Med%20Det%20-%20applersg.com&utmhid=771696603&utmr=-&utmp=%2F&utmht=1602830393122&utmac=UA-38339005-1&utmcc=__utma%3D222222664.918754954.1602830393.1602830393.1602830393.1%3B%2B__utmz%3D222222664.1602830393.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=201419745&utmredir=1&utmmt=1&utmu=iTAgAAAAACAAAAAAAAAAAABE~

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 06:39:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/ 230 KB
87 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9387b372acec4b3b43903e7597b064818972267299879c050f584f625b122cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88670
x-xss-protection: 0
server: cafe
etag: 13373283986949850894
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Oct 2020 06:39:53 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201008/r20190131/ Frame 347E 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201008/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201008/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nor.applersg.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://nor.applersg.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Fri, 16 Oct 2020 03:54:38 GMT
expires: Fri, 30 Oct 2020 03:54:38 GMT
content-type: text/html; charset=UTF-8
etag: 7382719332125555894
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4731
x-xss-protection: 0
age: 9915
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 5ae36507de20620011e03397.js Show response
buttons-config.sharethis.com/js/ 419 B
765 B 75ms
38ms Script
text/javascript 2600:9000:206e:9600:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5ae36507de20620011e03397.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:9600:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f4d4602015dd91daf6ed74b28bb84a4561828e450b8c652db96d7ca66d2ca4a

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:53 GMT
via: 1.1 650962b00c259fe47c193b15b2fe4b88.cloudfront.net (CloudFront)
last-modified: Fri, 27 Apr 2018 18:04:06 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C1
etag: "f430f66a97f8d44d5ced0f644f068e64"
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=60,public
accept-ranges: bytes
content-length: 419
x-amz-cf-id: S1mLpMaAA74KzP1I5JiD4nIitOt0rUJmrZXMYAvwYfQ2FOtCKjbwJQ==

GET
H2 200 nmash.js
nor.applersg.com/porpoiseant/ 22 KB
5 KB 29ms
28ms Other
application/javascript 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nor.applersg.com/porpoiseant/nmash.js?v=89
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0999837d201bfbd82287fa2744bc4bb36b66aa440bf45d8be527b9bf179eff45

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 16 Oct 2020 03:54:18 GMT
server: cloudflare
etag: W/"5681-5b1c1b80bccd7;5b1c1b80bccd7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e2fc9056f072b89-FRA
cf-request-id: 05d1bbf75d00002b8996969000000001

GET
H2 200 greenoaks.gif
nor.applersg.com/detroitchicago/ 43 B
129 B 29ms
29ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJkb21haW5faWQiOiIxMTI5NTciLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJkYXRhIjpbeyJuYW1lIjoidW5pdmVyc2FsX3VzZXJfaWQiLCJ2YWwiOiJjNzBmN2I2MjQwYzJmYTA3ODA3MTgzODM3MGEzMGQzYyJ9XX1d
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:53 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bbf77000002b899ba5f000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc9057f512b89-FRA
expires: Thu, 15 Oct 2020 06:39:53 UTC

GET
H3-Q050 200 pubads_impl_2020101401.js Show response
securepubads.g.doubleclick.net/gpt/ 272 KB
96 KB 113ms
60ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

sffe /

Resource Hash

37f0de0f751a4f96a2d8464621c2daff72b42b521a2fdc233be2fa188b96657f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Oct 2020 08:38:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97748
x-xss-protection: 0
expires: Fri, 16 Oct 2020 06:39:53 GMT

GET
H2 200 portal-v2.html
c.sharethis.mgr.consensu.org/ Frame D498 0
0 88ms
17ms Document
text/html 2600:9000:206e:9e00:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:9e00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nor.applersg.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://nor.applersg.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
accept-ranges: bytes
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 18:27:43 GMT
date: Fri, 16 Oct 2020 05:49:36 GMT
cache-control: max-age=3600, public
etag: W/"83a-174e56b8518"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 03f23a59e296041c07602d699fc87484.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: pVjwpimKDL6QuSImqkhCQd0zWP9Fb5D3K0-xqbjZIJukDf-YV84KbQ==
age: 3017

GET
H2 200 / Show response
popcornews.me/ 10 B
196 B 28ms
25ms Script
application/javascript 178.128.141.43
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://popcornews.me/?pus=hazwenbsgu5ha3ddf4ytenzu&sub1=&sub2=&sub3=&sub4=&gmt=2

Requested by

Host: popcornews.me
URL: https://popcornews.me/?pu=hazwenbsgu5ha3ddf4ytenzu

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.128.141.43 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7efe87b340014e916e15925590b47c8b880dc486af5144f21aca073981854139

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 16 Oct 2020 06:39:53 GMT
server: nginx
access-control-allow-origin: *
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 greenoaks.gif
nor.applersg.com/detroitchicago/ 43 B
129 B 16ms
15ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJkb21haW5faWQiOiIxMTI5NTciLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZmJjMzU5ODQtMDI2Zi00YTBiLTcxMWYtN2Y1MTA3YjQyNjk4IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidF9lcG9jaCI6MTYwMjgzMDM5MiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjAtMTAtMTYifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI4In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjUifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImRvbWFpbl9pZCI6IjExMjk1NyIsInRfZXBvY2giOjE2MDI4MzAzOTIsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImRvbWFpbl9pZCI6IjExMjk1NyIsInRfZXBvY2giOjE2MDI4MzAzOTIsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfV0=
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:53 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bbf7af00002b896511c000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830393"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc905e8102b89-FRA
expires: Thu, 15 Oct 2020 06:39:53 UTC

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 16ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nor.applersg.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Oct 2020 06:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
868 B 36ms
22ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nor.applersg.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Oct 2020 06:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0129 0
0 107ms
106ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5902083285302779&output=html&adk=1812271804&adf=3025194257&lmt=1602830393&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A128%2C9%3A32904%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fnor.applersg.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602830393133&bpp=11&bdt=366&idt=147&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7465453645173&frm=20&pv=2&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_fc=0&ga_wpids=UA-131124028-26&iag=0&icsg=4436305872683016&dssz=81&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3057600044535346&pem=3&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=168

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5902083285302779&output=html&adk=1812271804&adf=3025194257&lmt=1602830393&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A128%2C9%3A32904%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fnor.applersg.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602830393133&bpp=11&bdt=366&idt=147&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7465453645173&frm=20&pv=2&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_fc=0&ga_wpids=UA-131124028-26&iag=0&icsg=4436305872683016&dssz=81&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3057600044535346&pem=3&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=168
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nor.applersg.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://nor.applersg.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 16 Oct 2020 06:39:53 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Oct-2020 06:54:53 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Oct 2020 06:39:53 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

836fc07bb6d6aee6e3629fa16163878359c1136b854fd3891193e44e9dbd6f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602674900477171"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27594
x-xss-protection: 0
expires: Fri, 16 Oct 2020 06:39:53 GMT

GET
H/1.1

200
OK

1 Show response
mc.yandex.ru/watch/49779424/
Redirect Chain

https://mc.yandex.ru/watch/49779424?wmode=7&page-url=https%3A%2F%2Fnor.applersg.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1602830392105%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A21661362...
https://mc.yandex.ru/watch/49779424/1?wmode=7&page-url=https%3A%2F%2Fnor.applersg.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1602830392105%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613...

186 B
692 B

49ms
48ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49779424/1?wmode=7&page-url=https%3A%2F%2Fnor.applersg.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1602830392105%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201016083953%3Aet%3A1602830393%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A92816628269%3Arqn%3A1%3Arn%3A77712047%3Ahid%3A1015375528%3Ads%3A18%2C17%2C622%2C4%2C0%2C0%2C0%2C192%2C66%2C%2C%2C%2C854%3Afp%3A783%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1602830393%3Au%3A1602830393230793980%3At%3AApple-Utstyr%20Og%20Alt%20Forbundet%20Med%20Det%20-%20applersg.com

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

c7a514ef9248a31ef0b26d7cdb166e18aa4871e9373132f1c6b61d0ffbee34e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Oct 2020 06:39:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 16-Oct-2020 06:39:53 GMT
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://nor.applersg.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 186
X-XSS-Protection: 1; mode=block
Expires: Fri, 16-Oct-2020 06:39:53 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Oct 2020 06:39:53 GMT
Last-Modified: Fri, 16-Oct-2020 06:39:53 GMT
Access-Control-Allow-Origin: https://nor.applersg.com
Strict-Transport-Security: max-age=31536000
Location: /watch/49779424/1?wmode=7&page-url=https%3A%2F%2Fnor.applersg.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1602830392105%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201016083953%3Aet%3A1602830393%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A92816628269%3Arqn%3A1%3Arn%3A77712047%3Ahid%3A1015375528%3Ads%3A18%2C17%2C622%2C4%2C0%2C0%2C0%2C192%2C66%2C%2C%2C%2C854%3Afp%3A783%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1602830393%3Au%3A1602830393230793980%3At%3AApple-Utstyr%20Og%20Alt%20Forbundet%20Med%20Det%20-%20applersg.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Fri, 16-Oct-2020 06:39:53 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
338 B 90ms
23ms XHR
text/plain 18.195.43.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=nor.applersg.com&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fnor.applersg.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Apple-Utstyr%20Og%20Alt%20Forbundet%20Med%20Det%20-%20applersg.com&cms=unknown&publisher=5ae36507de20620011e03397&sop=true&bsamesite=true&consentDomain=.consensu.org&consent_duration=211&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&version=st_sop.js&lang=en
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.43.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-43-194.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 06:39:53 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://nor.applersg.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
379 B 133ms
46ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 06:39:53 GMT
Last-Modified: Thu, 15 Oct 2020 15:05:59 GMT
ETag: "5f886557-2b"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 16 Oct 2020 07:39:53 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 422 B
808 B 308ms
308ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=3690244060489573&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C580x400%7C728x90%7C320x50%7C468x60%7C970x90%7C234x60%7C320x310%7C360x410%7C320x430&fluid=height&prev_scp=iid2%3D148486%26iit%3D7%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1103%26sap%3D1103%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dapplersg_com-box-2-148486%26eb_br%3D89140e49112be0d1d542e0eda661bd02%26eba%3D1%26ebss%3D10061%26bv%3D0%26bvm%3D2%26bvr%3D7%26shp%3D1%26acptad%3D1%26ft%3D1%26br1%3D850%26br2%3D400%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26&cookie_enabled=1&bc=31&abxe=1&lmt=1602830393&dt=1602830393453&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=231&adys=246&adks=2833990747&ucis=1&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=82&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=847x420&msz=847x402&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=847&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

a5116767eaf17c577fc330e479f5bd84694b57da3336b061ce580aeac1006532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7eb8347b83b29122b8ff590a4868d64e.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 47ms
14ms Other
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://7eb8347b83b29122b8ff590a4868d64e.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 27ms
6ms Other
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 422 B
393 B 523ms
522ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=3690244060489573&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3D1cc6194a60dec937c7bbae022bbe3dfd%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D1600%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26&cookie_enabled=1&bc=31&abxe=1&lmt=1602830393&dt=1602830393464&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=180&adks=1015830945&ucis=2&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=82&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

eead550462af1723d74bd71bb44a0fec8f2ba3f33e320e36ae815e024bc924ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 223
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 416 B
411 B 793ms
793ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=3690244060489573&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3D1cc6194a60dec937c7bbae022bbe3dfd%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D1600%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26&cookie_enabled=1&bc=31&abxe=1&lmt=1602830393&dt=1602830393469&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=450&adks=450323450&ucis=3&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=82&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

bac20d43350602e59a13e37c5f4e7528d291ddb17c6272fa1a5d2a92f56db7f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 219
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 416 B
391 B 989ms
989ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=3690244060489573&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3D1cc6194a60dec937c7bbae022bbe3dfd%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D1600%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26&cookie_enabled=1&bc=31&abxe=1&lmt=1602830393&dt=1602830393475&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=720&adks=1741669899&ucis=4&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=82&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

d95751deffbac78ee10e0d4eae56f1e036d0cc494efb413e1198bbebfc6d2b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 221
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 431 B
398 B 1193ms
1193ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=3690244060489573&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3D1cc6194a60dec937c7bbae022bbe3dfd%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D1600%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26&cookie_enabled=1&bc=31&abxe=1&lmt=1602830393&dt=1602830393480&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=990&adks=1313132013&ucis=5&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=82&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

0519c7723e7040c97ee4fd5f256fc5a912b916ee3650dd70eb175b51986a64b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 424 B
399 B 1395ms
1394ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=3690244060489573&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C320x310%7C310x330%7C340x330%7C430x420&prev_scp=iid2%3D140936%26iit%3D6%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dapplersg_com-medrectangle-2-140936%26eb_br%3D89140e49112be0d1d542e0eda661bd02%26eba%3D1%26ebss%3D10061%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ft%3D1%26br1%3D850%26br2%3D450%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26&cookie_enabled=1&bc=31&abxe=1&lmt=1602830393&dt=1602830393485&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1104&adks=809236414&ucis=6&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=7&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=82&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=512&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

7b050b518e14ec06da148083f33ad10ace2c2a3779ac636edbaa8c6c9175667c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 230
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dark-bottom.css
nor.applersg.com/ezoic/styles/ 3 KB
990 B 20ms
20ms Stylesheet
text/css 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nor.applersg.com/ezoic/styles/dark-bottom.css
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/ezoic/cookieconsent.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 09 Oct 2020 18:05:54 GMT
server: cloudflare
etag: W/"bd7-5b140ccb52480-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830394"}],"group":"cf-nel","max_age":604800}
content-type: text/css
status: 200
cache-control: max-age=31536000, public
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e2fc9078bb12b89-FRA
cf-request-id: 05d1bbf8b900002b898e2e5000000001

GET
H2 200 greenoaks.gif
nor.applersg.com/detroitchicago/ 43 B
141 B 19ms
18ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJkb21haW5faWQiOiIxMTI5NTciLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImRvbWFpbl9pZCI6IjExMjk1NyIsInRfZXBvY2giOjE2MDI4MzAzOTIsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjM2In0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiI2NTgifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjQifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiMTkyIn0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiMjU4In0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6Ijc1OCJ9XX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:53 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bbf8bc00002b899ba7a000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830394"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc9079bbe2b89-FRA
expires: Thu, 15 Oct 2020 06:39:53 UTC

GET
H2 200 greenoaks.gif
nor.applersg.com/detroitchicago/ 43 B
129 B 21ms
20ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJkb21haW5faWQiOiIxMTI5NTciLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfcGFpbnQiLCJ2YWwiOiI3ODMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJkb21haW5faWQiOiIxMTI5NTciLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6Ijc4MyJ9XX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:53 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bbf8bd00002b89ad0f1000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830394"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc9079bc42b89-FRA
expires: Thu, 15 Oct 2020 06:39:53 UTC

GET
H2 200 greenoaks.gif
nor.applersg.com/detroitchicago/ 43 B
129 B 20ms
19ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJkb21haW5faWQiOiIxMTI5NTciLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZmJjMzU5ODQtMDI2Zi00YTBiLTcxMWYtN2Y1MTA3YjQyNjk4IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidF9lcG9jaCI6MTYwMjgzMDM5MiwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiIxMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImRvbWFpbl9pZCI6IjExMjk1NyIsInRfZXBvY2giOjE2MDI4MzAzOTIsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:53 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bbf8be00002b89a0293000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830394"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc9079bca2b89-FRA
expires: Thu, 15 Oct 2020 06:39:53 UTC

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 42ms
29ms XHR
application/json 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201008&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d83730ed438fe6a296fa1a099d599e017a1148673fdef9394c2fda0d3a1272c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Oct 2020 06:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6470
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Fri, 16 Oct 2020 06:39:53 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame EB68 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nor.applersg.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://nor.applersg.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Fri, 16 Oct 2020 05:23:30 GMT
expires: Sat, 16 Oct 2021 05:23:30 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4583
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
87 B 16ms
15ms Image
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20201008&jk=3057600044535346&bg=!5eal5sbNAAWqWepuqljf0vL5vgYT7gIAAABLUgAAAA0KAfa7e1A7vn_XVI16picibpOkc4jf-hjFXiAzVRTUeZ8q1L5IRIt_Cw6LHfGsn1nlf_GmBp8qJOgw_FS5kWrUaMBGxWApq_RboNoTrlGTmOw4kCEXIDnqf1pYECT7Rgow59yQMPqWCOPkM3fiK0rGYfV64_gFA-GbB3jArMOHjqmoF4tzUV29572MjY2UkRZ1bDB-r7cfzBbjm5BJ0R9QGuq7aGwk0b0bzXJKKrC-rx5Q23hqruUvxXLeTYyZGD-_cQZ23aKRnucRD3TV1_OQGBkwhESrrVc6TzYd39naWNztdBW2bdt4jjn5k0En-4_40exkuDdBzIdSCNqW749Lwx157bvVHZmmSvQtc4RWuImdiGNrtbKx7cLbRbLzLAmMJu9UGrJp0rULI54xnkE_AhGp1CHK7e_12YKR81Y6d3BOPBIJ5wuKwyQAqUKxT3xYVw7Qb0raZ9msED7s1s52CkHFwDIk722hX0fksMuqn1UnsVAgACNXtGS7_KFpsbM-QjVOyX_wIaczkhQ-xrEJYuzh47aswbT-m6FPZkcLGWBVOeIsJ6lwuJ_PKQa3Hynp9hYJGL47NnKIosiPJ5NiJLwg-oNm4eRx4DMr06PCJOzYHdMQVqNZAjUT0BKy1UhEEhnGs5UoXpr0aKAFNMSvQ2D3qdmZVQILmQGp7nH-rmJd5atXIwXf9ujqoCNVuHKsKxJDybDSwAtg9iJVrPLyRa9_GOgTeTycMRg2bz9Vja72z5RtRsgOl4UitugM0KVpPP9Ja-GJLEdd6_yLf6hjwirk5PTU1z9y1IuhEB5-XVSJeNlQVQOry-GG5vIf7Eh0SIZBAM2tRb0ayKKCmEyjzz_3YBNXVfsLGF7MpZqCzGigQdnpIZaLsK-RED5ABeP_XH3YAJL1TcsHSrizf9PauRcbf5ZhTkFPswHrjhCWHFQqO3SkPampLfSPLdPGOP34K2Ez4I4oMt1rx6oOR0YbUDQkUpRde7UcPm2bBD0kxlI5TovA34zrt7fQeStm83QRkSsrkf3aHTniousVDBeV91jQkL5CmYyMp7fL-ECaQpvXZssvvhFfzEUYLdxlKGtcJspK3bEhwrsaPJv6banVNtz4vZqblEgtbr3eRDkmuYUIvyuWhUHfMJe44tPkd87PdhDEoT51noJZs6AxrWLVJbW1md3Ko8zyE28M_CfZVn87EFXabFGaYkCTlb226NtqDbQqb6o_wXvXPxIqtWnbzRND_yQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 06:39:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 greenoaks.gif
nor.applersg.com/detroitchicago/ 43 B
152 B 20ms
19ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJkb21haW5faWQiOiIxMTI5NTciLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfcmVxdWVzdCIsInZhbCI6Ijk5OSJ9XX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:53 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bbf9b400002b89b40d5000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830394"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc9091f162b89-FRA
expires: Thu, 15 Oct 2020 06:39:54 UTC

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 74 KB
24 KB 50ms
19ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/porpoiseant/dall3270.js?cb=191-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: f72423823b8aca3ed7719ec83f569fa6936c398c486a48206226f817f60f0542

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:56 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 23:57:37 GMT
server: nginx
etag: W/"5f62a671-1265e"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 17 Oct 2020 06:39:56 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame 0A9C 0
0 45ms
16ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=nor.applersg.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=nor.applersg.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nor.applersg.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://nor.applersg.com/

Response headers

status: 200
cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 544
date: Fri, 16 Oct 2020 06:39:55 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 74 KB
24 KB 51ms
25ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: f72423823b8aca3ed7719ec83f569fa6936c398c486a48206226f817f60f0542

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:56 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 23:57:37 GMT
server: nginx
etag: W/"5f62a671-1265e"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 17 Oct 2020 06:39:56 GMT

POST
H/1.1 200 457.json Show response
id5-sync.com/g/v2/ 605 B
927 B 96ms
25ms XHR
application/json 54.36.109.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/457.json?gdpr_consent=&gdpr=0

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/porpoiseant/dall3270.js?cb=191-2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.166 , Germany, ASN16276 (OVH, FR),

Reverse DNS

p10.id5-sync.com

Software

Resource Hash

ff98520c8c3796ae393225c352942c7110bd0418feff69638092fe9bf0cbc652

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://nor.applersg.com
Date: Fri, 16 Oct 2020 06:39:56 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame ABC1 0
0 84ms
35ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/porpoiseant/dall3270.js?cb=191-2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://nor.applersg.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://nor.applersg.com/

Response headers

Last-Modified: Sat, 01 Aug 2020 14:58:34 GMT
ETag: "13006b6-94fd-5abd223c2ac92"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=171100
Expires: Sun, 18 Oct 2020 06:11:36 GMT
Date: Fri, 16 Oct 2020 06:39:56 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 /
onetag-sys.com/usync/ Frame CB03 0
0 24ms
24ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1602830393204

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/porpoiseant/dall3270.js?cb=191-2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.253 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?cb=1602830393204
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nor.applersg.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://nor.applersg.com/

Response headers

status: 200
content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=2592000

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1bfb8973-6ef5-47a3-b723-fa7ad550031d%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D1bfb8973-6ef5-47a3-b723-fa7ad550031d%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID
https://prebid.a-mo.net/setuid?A=1bfb8973-6ef5-47a3-b723-fa7ad550031d&D=&bidder=appnexus&uid=1324480661877772756

0
141 B

91ms
91ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=1bfb8973-6ef5-47a3-b723-fa7ad550031d&D=&bidder=appnexus&uid=1324480661877772756
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 , United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 16 Oct 2020 06:39:55 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 4
server: envoy

Redirect headers

Pragma: no-cache
Date: Fri, 16 Oct 2020 06:39:56 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.56:80
AN-X-Request-Uuid: 22667b7f-7c3b-415a-a4a4-992edee100b3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid.a-mo.net/setuid?A=1bfb8973-6ef5-47a3-b723-fa7ad550031d&D=&bidder=appnexus&uid=1324480661877772756
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1bfb8973-6ef5-47a3-b723-fa7ad550031d%26D%3D%26bidder%3Dindex_rtb%26uid%3D
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1bfb8973-6ef5-47a3-b723-fa7ad550031d%26D%3D%26bidder%3Dindex_rtb%26uid%3D&C=1
https://prebid.a-mo.net/setuid?A=1bfb8973-6ef5-47a3-b723-fa7ad550031d&D=&bidder=index_rtb&uid=X4lAPFVbLGAAAG19MtgAAAC2%261212

0
115 B

90ms
90ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=1bfb8973-6ef5-47a3-b723-fa7ad550031d&D=&bidder=index_rtb&uid=X4lAPFVbLGAAAG19MtgAAAC2%261212
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 , United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 16 Oct 2020 06:39:55 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 3
server: envoy

Redirect headers

Pragma: no-cache
Date: Fri, 16 Oct 2020 06:39:56 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://prebid.a-mo.net/setuid?A=1bfb8973-6ef5-47a3-b723-fa7ad550031d&D=&bidder=index_rtb&uid=X4lAPFVbLGAAAG19MtgAAAC2%261212
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 321
Expires: Fri, 16 Oct 2020 06:39:56 GMT

GET
H2 204 /
onetag-sys.com/usync/ 0
84 B 25ms
24ms Image
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.253 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
strict-transport-security: max-age=2592000
cache-control: no-cache, no-transform
content-length: 0

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1bfb8973-6ef5-47a3-b723-fa7ad550031d%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D1bfb8973-6ef5-47a3-b723-fa7ad550031d%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://prebid.a-mo.net/setuid?A=1bfb8973-6ef5-47a3-b723-fa7ad550031d&D=&bidder=sovrn&uid=4273bc492ee00c1770fd7527

0
117 B

90ms
90ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=1bfb8973-6ef5-47a3-b723-fa7ad550031d&D=&bidder=sovrn&uid=4273bc492ee00c1770fd7527
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 , United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 16 Oct 2020 06:39:55 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 3
server: envoy

Redirect headers

Date: Fri, 16 Oct 2020 06:39:56 GMT
Server: nginx
Location: https://prebid.a-mo.net/setuid?A=1bfb8973-6ef5-47a3-b723-fa7ad550031d&D=&bidder=sovrn&uid=4273bc492ee00c1770fd7527
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 323 B
196 B 150ms
149ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=2598765747398604&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C320x310%7C310x330%7C340x330%7C430x420&ris=3&rcs=1&prev_scp=iid2%3D140936%26iit%3D6%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dapplersg_com-medrectangle-2-140936%26eb_br%3Df63322dda53fb357fc621e718fd4fb87%26eba%3D1%26ebss%3D10061%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ft%3D1%26br1%3D450%26br2%3D450%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26lb%3D850%26reqt%3D1602830396765&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830396&dt=1602830396768&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1104&adks=809236414&ucis=7&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=8&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=83&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=512&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

dc3e2eb5574e7549951c296cc5dfbae9ea4d5ac6c959e02392753060fc8a6790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
189 B 276ms
274ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=1897261420505973&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=3&rcs=1&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3D04496beb0f6ca268a9a33f6569f82cb5%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D800%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26lb%3D1600%26reqt%3D1602830396772&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830396&dt=1602830396774&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=990&adks=1313132013&ucis=8&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=9&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=83&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

656bc3ca1f0089fd4cbdc1e63e71719ab1a483a6ac997fb24f30835691b39152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
161 B 315ms
315ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=3893915997680799&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=3&rcs=1&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3D04496beb0f6ca268a9a33f6569f82cb5%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D800%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26lb%3D1600%26reqt%3D1602830396778&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830396&dt=1602830396781&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=720&adks=1741669899&ucis=9&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=10&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=83&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

ec9262a64bbe38b9a4c4a6effb50485d7bb7bdb18b3f2c296a50438bbe2c3fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
164 B 295ms
293ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=1067902773671814&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=3&rcs=1&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3D04496beb0f6ca268a9a33f6569f82cb5%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D800%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26lb%3D1600%26reqt%3D1602830396786&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830396&dt=1602830396788&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=450&adks=450323450&ucis=a&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=11&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=83&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

91b3586547bdc74a24832515a351f0506f8e2bb766529a5ac445284c32bb81fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
162 B 295ms
291ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=2385955575738410&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=3&rcs=1&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3D04496beb0f6ca268a9a33f6569f82cb5%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D800%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26lb%3D1600%26reqt%3D1602830396791&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830396&dt=1602830396795&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=180&adks=1015830945&ucis=b&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=12&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=83&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

ad169050d72bb72e8b1c2e2ef45968e95afafae260a3193ae00b0b88eb1d3191

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
162 B 363ms
361ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=3272816197215116&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C580x400%7C728x90%7C320x50%7C468x60%7C970x90%7C234x60%7C320x310%7C360x410%7C320x430&fluid=height&ris=3&rcs=1&prev_scp=iid2%3D148486%26iit%3D7%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1103%26sap%3D1103%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dapplersg_com-box-2-148486%26eb_br%3Df63322dda53fb357fc621e718fd4fb87%26eba%3D1%26ebss%3D10061%26bv%3D0%26bvm%3D2%26bvr%3D7%26shp%3D1%26acptad%3D1%26ft%3D1%26br1%3D450%26br2%3D400%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26lb%3D850%26reqt%3D1602830396800&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830396&dt=1602830396803&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=231&adys=246&adks=2833990747&ucis=c&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=13&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=83&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=847x420&msz=847x402&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=847&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

5887aa7c6070d43694405d040d125506a86784caff49b22e7137d48bfe19220a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
11 KB 225ms
224ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=2076010572010592&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C320x310%7C310x330%7C340x330%7C430x420&ris=1&rcs=2&prev_scp=iid2%3D140936%26iit%3D6%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dapplersg_com-medrectangle-2-140936%26eb_br%3D736e4998c7cae21e6c67e08e2de4db76%26eba%3D1%26ebss%3D10061%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ft%3D1%26br1%3D160%26br2%3D450%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%26lb%3D450%26reqt%3D1602830397272&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830397&dt=1602830397275&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1104&adks=809236414&ucis=d&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=14&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=83&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=512&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

642543517d6bb38c1d1a979e611d02d6532fd9874389dffaf21ae1c2f38a607f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11670
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
162 B 168ms
168ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=3923026206154404&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=1&rcs=2&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3Dfdeb1c0131f36a890082d4fe8e1da0d1%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D550%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26lb%3D800%26reqt%3D1602830397281&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830397&dt=1602830397284&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=990&adks=1313132013&ucis=e&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=15&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=83&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

f14bdfeaaf8f537976221d2097f382caae2ace47007de3cbccf14776c654f6de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
161 B 173ms
172ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=3335520097711863&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=1&rcs=2&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3Dfdeb1c0131f36a890082d4fe8e1da0d1%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D550%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26lb%3D800%26reqt%3D1602830397299&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830397&dt=1602830397302&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=720&adks=1741669899&ucis=f&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=16&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=83&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

537a6fadf6f47193ef1620cd8df14da0505000a24480f4049f2e13e7d0fffcad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
162 B 210ms
209ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=2454252736255668&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=1&rcs=2&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3Dfdeb1c0131f36a890082d4fe8e1da0d1%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D550%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26lb%3D800%26reqt%3D1602830397305&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830397&dt=1602830397307&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=450&adks=450323450&ucis=g&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=17&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=83&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

6dd371ce0393cece6c9092d5a1d401855e61d91a458d3d990794c012bcc2c20e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
162 B 204ms
204ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=3227205185812235&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=1&rcs=2&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3Dfdeb1c0131f36a890082d4fe8e1da0d1%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D550%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26lb%3D800%26reqt%3D1602830397332&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830397&dt=1602830397335&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=180&adks=1015830945&ucis=h&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=18&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=83&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

8e4348be473c71dda59c8591dd23975b9c7226cfe220609d479e068b25039c9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
161 B 190ms
190ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=2369196766247842&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C580x400%7C728x90%7C320x50%7C468x60%7C970x90%7C234x60%7C320x310%7C360x410%7C320x430&fluid=height&ris=1&rcs=2&prev_scp=iid2%3D148486%26iit%3D7%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1103%26sap%3D1103%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dapplersg_com-box-2-148486%26eb_br%3D2acc48f80457fdc6d4d6786673884135%26eba%3D1%26ebss%3D10061%26bv%3D0%26bvm%3D2%26bvr%3D7%26shp%3D1%26acptad%3D1%26ft%3D1%26br1%3D280%26br2%3D400%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%26lb%3D450%26reqt%3D1602830397340&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830397&dt=1602830397342&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=231&adys=246&adks=2833990747&ucis=i&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=19&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=83&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=847x420&msz=847x402&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=847&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

ad42494fe3dee8d57aa90f87389817493a167f934afad9eae3332b4c94346dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012009282107000/ Frame 5237 180 KB
51 KB 42ms
17ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be76304e30fa9b218c48d6ff8371d274849ad8b93f1d620c29ff4c0b51a7007d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 201137
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51872
x-xss-protection: 0
server: sffe
date: Tue, 13 Oct 2020 22:47:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9398ddf16214957a"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:47:40 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 5237 14 KB
5 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a5a5b30ae334bcd42d693c5bef0b04e60508189d783c7c14145f6a9571f53eb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 201123
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5251
x-xss-protection: 0
server: sffe
date: Tue, 13 Oct 2020 22:47:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cd0e22e3cb35fef1"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:47:54 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 5237 89 KB
27 KB 35ms
11ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19fc7f0d04ad5a2a4a7411b376ea325d2b761344f8517d4b818240c027d0618e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 201133
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27538
x-xss-protection: 0
server: sffe
date: Tue, 13 Oct 2020 22:47:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5d668881fb8d2002"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:47:44 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 5237 3 KB
1 KB 34ms
11ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6bc604e02fe45bc11d4a184f7b35714477914d76c83a8c87ff6a6a9d0c62b9e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 224435
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1378
x-xss-protection: 0
server: sffe
date: Tue, 13 Oct 2020 16:19:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "40d38a4fa451e619"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Oct 2021 16:19:22 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 5237 42 KB
14 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42d51a6cdcd5a1f054242eac3bf88b8a8e267c45ced19f226391003c9d0824ea

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 334901
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13481
x-xss-protection: 0
server: sffe
date: Mon, 12 Oct 2020 09:38:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3fc780a1789373c2"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Oct 2021 09:38:16 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5237 5 KB
761 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Oct 2020 06:29:58 GMT
server: ESF
date: Fri, 16 Oct 2020 06:39:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Oct 2020 06:39:57 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/38831886546374271/ Frame 5237 8 KB
8 KB 7ms
6ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/38831886546374271/downsize_200k_v1?w=300&h=300

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c77c8a98ea0660608d38c8e7e4ce9d9f305efa10ed82bafe931e23804978f4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 13:46:57 GMT
x-content-type-options: nosniff
age: 60780
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8517
x-xss-protection: 0
last-modified: Thu, 03 Sep 2020 10:32:01 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Oct 2021 13:46:57 GMT

GET
DATA 200
OK truncated
/ Frame 5237 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc27eb6b26c21545e4b0074dbf54a22af6a651138c2652fcbefb850c7f3333c9

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 no.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5237 3 KB
3 KB 9ms
6ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/no.png

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f2021e21c056b0aa47e7133e957ec82c3835780fe37eb1736428c42146e6907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Oct 2020 06:54:42 GMT
x-content-type-options: nosniff
server: cafe
age: 85515
etag: 7127422092083725281
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2706
x-xss-protection: 0
expires: Fri, 16 Oct 2020 06:54:42 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5237 295 B
501 B 8ms
6ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Oct 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 33179
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 16 Oct 2020 21:26:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5237 0
0 17ms
14ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTdw3fJ_acSltlOWukYbo04azYOwOjAya4TYABLtEKGV-9tS6q8iRWGsQ0pVkzlTN0glTb1HcmLxT7HKg_7QNAdC1wS5g
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5237 0
0 34ms
32ms Image
text/html 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CeNWsPUCJX8f1E4bv3gObr4WIAuj_2dZfiPGx8PUMubjEnbAbEAEgpczXamCRhJOF_BegAYe1l7MCyAEB4AIAqAMBqgTRAU_QthjmukF-FUnSFvXoqvVhJTs3Zgq8Rm2HsVyteSaLFkT2j2q4xjsbUjq5Aqkv6HWDaV5KfT-yG-Jg9_sYkDf_kWlsYm7cuMrPd8n4Y9aRnGlcUP6j9BRJtNqpMsCR_kVG45VKsUmRb5Ohh50COvk6dOnCmc3TSijBLht-iLz2EdaTLbTXnhBi-B1BtPJwGrfhxRiOQBwy4Uhd2vQEwRj0JQPPEzGOOuW1nHuYsTOwub4o1ccjK8alir_m7zoNnGH9Vv9ZmNa-QDeN8oLg-f3FwAT-4vWd1ALgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAHiMLQvgGoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQnbNQ0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi02NzU5MjA5MzM5MDYwNzI1gAoDyAsBsgwUcHViLTU5MDIwODMyODUzMDI3NznYEww&sigh=otcZhk9IXHw&template_id=5001&tpd=AGWhJms9cSY56CU0nSVPP18z4VtDFdO3KJGUMNmbAF9COUVX9g
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s12-in-f34.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 4974886018 Show response
g.ezoic.net/dac/ 0
93 B 74ms
23ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/4974886018
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/porpoiseant/banger.js?cb=191-2&bv=89&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:57 GMT
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 0

GET
H2 200 greenoaks.gif
nor.applersg.com/detroitchicago/ 43 B
248 B 19ms
17ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJkb21haW5faWQiOiIxMTI5NTciLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjQ3NDkifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:57 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc085d00002b8950368000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830398"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc92099dc2b89-FRA
expires: Thu, 15 Oct 2020 06:39:57 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
152 B 25ms
23ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQwOTM2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODYwMTgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQwOTM2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODYwMTgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiI3MzZlNDk5OGM3Y2FlMjFlNmM2N2UwOGUyZGU0ZGI3NiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQwOTM2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDE2LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAxNiwiYmlkX2Zsb29yX3ByZXYiOjAuMDA0NSwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZmJjMzU5ODQtMDI2Zi00YTBiLTcxMWYtN2Y1MTA3YjQyNjk4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0ODg2MDE4LCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQwOTM2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODYwMTgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODI0MTEyMzUxNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQwOTM2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODYwMTgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjQ5NzQ4ODYwMTgifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:57 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc085d00002b89a4a46000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830398"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc92099e02b89-FRA
expires: Thu, 15 Oct 2020 06:39:58 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
289 B 18ms
17ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQwOTM2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODYwMTgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIwLTEwLTE2In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:57 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc085d00002b896f209000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830398"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc92099e12b89-FRA
expires: Thu, 15 Oct 2020 06:39:57 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
129 B 20ms
19ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTQwOTM2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhdWN0aW9uX2Vwb2NoIjoxNjAyODMwMzk4LCJhZF9wb3NpdGlvbiI6MTEwMCwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImJpZF9mbG9vcl9pbml0aWFsIjo4NTAsImJpZF9mbG9vcl9wcmV2Ijo0NTAsImJpZF9mbG9vcl9maWxsZWQiOjE2MCwiYXVjdGlvbl9jb3VudCI6MywicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6MjQzLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoyMTczMjExODkxNCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjo0OTc0ODg2MDE4fV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:57 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc085e00002b8983316000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830398"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc92099e42b89-FRA
expires: Thu, 15 Oct 2020 06:39:57 UTC

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 5237 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://nor.applersg.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 10:57:44 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 330133
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Tue, 12 Oct 2021 10:57:44 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 5237 11 KB
11 KB 26ms
13ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://nor.applersg.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 14:47:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 229925
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 13 Oct 2021 14:47:52 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5237
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 16 Oct 2020 06:39:57 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 no.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5237 3 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/no.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f2021e21c056b0aa47e7133e957ec82c3835780fe37eb1736428c42146e6907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Oct 2020 06:54:42 GMT
x-content-type-options: nosniff
server: cafe
age: 85515
etag: 7127422092083725281
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2706
x-xss-protection: 0
expires: Fri, 16 Oct 2020 06:54:42 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5237 295 B
319 B 6ms
6ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Oct 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 33179
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 16 Oct 2020 21:26:58 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
179 B 185ms
184ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=1445357358142215&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=1&rcs=3&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3Daea15b65f697c2bc2826a2d1d3e3275f%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D300%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26lb%3D550%26reqt%3D1602830397798&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830397&dt=1602830397802&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=990&adks=1313132013&ucis=j&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=20&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=82&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

bcf9606301829552af940c8cad02a9026a84f27c3ebda5e702d86e9f41e21c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
162 B 189ms
188ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=2198597644295884&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=1&rcs=3&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3Daea15b65f697c2bc2826a2d1d3e3275f%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D300%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26lb%3D550%26reqt%3D1602830397815&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830397&dt=1602830397818&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=720&adks=1741669899&ucis=k&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=21&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=82&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

dd8917bfba41cd4f3a511647556b9e770e72ae1a14fa29c464f922570f012939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
162 B 170ms
170ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=1950326946405961&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=1&rcs=3&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3Daea15b65f697c2bc2826a2d1d3e3275f%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D300%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26lb%3D550%26reqt%3D1602830397823&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830397&dt=1602830397825&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=450&adks=450323450&ucis=l&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=22&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=82&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

c98816b17e6dd580ac24b8de8d0a6c401ab88b799d9d867cc0c4987de8d43755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
184 B 166ms
165ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=644599317734591&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=1&rcs=3&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3Daea15b65f697c2bc2826a2d1d3e3275f%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D300%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26lb%3D550%26reqt%3D1602830397849&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830397&dt=1602830397853&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=180&adks=1015830945&ucis=m&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=23&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=82&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

38c4a57fcfb3b9ceb053b5c6ee30454cc2ab23f39ac1676e81d03a3b39dbd2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
161 B 206ms
206ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=1601172007902405&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C580x400%7C728x90%7C320x50%7C468x60%7C970x90%7C234x60%7C320x310%7C360x410%7C320x430&fluid=height&ris=1&rcs=3&prev_scp=iid2%3D148486%26iit%3D7%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1103%26sap%3D1103%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dapplersg_com-box-2-148486%26eb_br%3Dbb779436aa3533ea7e00abe462374b80%26eba%3D1%26ebss%3D10061%26bv%3D0%26bvm%3D2%26bvr%3D7%26shp%3D1%26acptad%3D1%26ft%3D1%26br1%3D200%26br2%3D400%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C20%26lb%3D280%26reqt%3D1602830397857&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830397&dt=1602830397860&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=231&adys=246&adks=2833990747&ucis=n&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=24&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=82&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=847x420&msz=847x402&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=847&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

7cc1eda04bbf677975f3caf193096f28adfbcca0242b2c52a5d14b49015dff36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
161 B 152ms
151ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=4229011477403469&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=1&rcs=4&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3D13817432a186231a2c8afb2cc1bac45d%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D140%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C17%2C20%26lb%3D300%26reqt%3D1602830398316&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830398&dt=1602830398319&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=990&adks=1313132013&ucis=o&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=25&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=82&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

362e830d31e4cb9e6f496dff019ba651f5b5138ea92af07ceba5c7ef2f446a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
162 B 158ms
157ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=2677707711645590&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=1&rcs=4&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3D13817432a186231a2c8afb2cc1bac45d%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D140%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C17%2C20%26lb%3D300%26reqt%3D1602830398332&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830398&dt=1602830398334&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=720&adks=1741669899&ucis=p&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=26&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=82&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

b607349246c00e5e3976b05ff2e89618d436efe82685162aa2752b065531468f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
162 B 178ms
178ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=3561043227170386&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=1&rcs=4&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3D13817432a186231a2c8afb2cc1bac45d%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D140%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C17%2C20%26lb%3D300%26reqt%3D1602830398337&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830398&dt=1602830398339&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=450&adks=450323450&ucis=q&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=27&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=82&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

aa0bd1b6156023b441ad94dbb05bcd5ccede476b22b8f12d6497524a48a72f2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
161 B 180ms
179ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=2898581735704131&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=1&rcs=4&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3D13817432a186231a2c8afb2cc1bac45d%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D140%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C17%2C20%26lb%3D300%26reqt%3D1602830398365&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830398&dt=1602830398369&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=180&adks=1015830945&ucis=r&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=28&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=82&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

5e3a6f5891b780a3406f4d4a4fe7e776f2280c4f6a00c8dcf4d96923ece84bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
161 B 270ms
270ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=3609700627145339&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C580x400%7C728x90%7C320x50%7C468x60%7C970x90%7C234x60%7C320x310%7C360x410%7C320x430&fluid=height&ris=1&rcs=4&prev_scp=iid2%3D148486%26iit%3D7%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1103%26sap%3D1103%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dapplersg_com-box-2-148486%26eb_br%3D736e4998c7cae21e6c67e08e2de4db76%26eba%3D1%26ebss%3D10061%26bv%3D0%26bvm%3D2%26bvr%3D7%26shp%3D1%26acptad%3D1%26ft%3D1%26br1%3D160%26br2%3D400%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C20%2C20%26lb%3D200%26reqt%3D1602830398373&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830398&dt=1602830398376&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=231&adys=246&adks=2833990747&ucis=s&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=29&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=82&icsg=4436305872683016&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=847x420&msz=847x402&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=847&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

67bdebcc70d04370d3c8609a4564a72a8f80c393b2ca8141eb5386a9f9f900de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 audins.js Show response
go.ezoic.net/detroitchicago/ 821 B
1 KB 35ms
9ms Script
application/javascript 2600:9000:2057:fc00:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezoic.net/detroitchicago/audins.js?cb=191-2
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:fc00:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: d98f76f0461187c365efd671a87749384de00b589e87fb30c0486a892769c412

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Sep 2020 03:15:53 GMT
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
last-modified: Fri, 28 Aug 2020 00:49:20 GMT
server: nginx/1.16.0
age: 3295445
etag: "335-5ade56c524400;5aeb0a89dfb5f-gzip"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 821
x-amz-cf-id: GN9zz530dc46RYZJ6KJEGu0Q6PACtdpLKliCLAfnxbxgfLCvqb8xdA==

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
129 B 24ms
22ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4NDg2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMTYifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjExOTkzNSIsImRvbWFpbl9pZCI6IjExMjk1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWFwcGxlcnNnX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYwMjgzMDM5MiwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZmJjMzU5ODQtMDI2Zi00YTBiLTcxMWYtN2Y1MTA3YjQyNjk4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjE1In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMTk5MzUiLCJkb21haW5faWQiOiIxMTI5NTciLCJ1bml0IjoiZGl2LWdwdC1hZC1hcHBsZXJzZ19jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTYwMjgzMDM5MiwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZmJjMzU5ODQtMDI2Zi00YTBiLTcxMWYtN2Y1MTA3YjQyNjk4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjE2In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMTk5MzUiLCJkb21haW5faWQiOiIxMTI5NTciLCJ1bml0IjoiZGl2LWdwdC1hZC1hcHBsZXJzZ19jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTYwMjgzMDM5MiwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZmJjMzU5ODQtMDI2Zi00YTBiLTcxMWYtN2Y1MTA3YjQyNjk4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjE4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMTk5MzUiLCJkb21haW5faWQiOiIxMTI5NTciLCJ1bml0IjoiZGl2LWdwdC1hZC1hcHBsZXJzZ19jb20tYm94LTEtMF8zIiwidF9lcG9jaCI6MTYwMjgzMDM5MiwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZmJjMzU5ODQtMDI2Zi00YTBiLTcxMWYtN2Y1MTA3YjQyNjk4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjQ0In1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:58 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc0c5c00002b8980b3e000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830399"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc926ff5c2b89-FRA
expires: Thu, 15 Oct 2020 06:39:58 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
129 B 29ms
26ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQwOTM2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODYwMTgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIxNzYifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:58 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc0c5d00002b8974b53000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830399"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc926ff602b89-FRA
expires: Thu, 15 Oct 2020 06:39:58 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
282 B 23ms
21ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4NDg2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIyMzAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjI0NSJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjExOTkzNSIsImRvbWFpbl9pZCI6IjExMjk1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWFwcGxlcnNnX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYwMjgzMDM5MiwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZmJjMzU5ODQtMDI2Zi00YTBiLTcxMWYtN2Y1MTA3YjQyNjk4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTEwOCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTc5In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTBfMSIsInRfZXBvY2giOjE2MDI4MzAzOTIsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjExMDgifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjQ0OSJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjExOTkzNSIsImRvbWFpbl9pZCI6IjExMjk1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWFwcGxlcnNnX2NvbS1ib3gtMS0wXzIiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIxMTA4In0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiI3MTkifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMTk5MzUiLCJkb21haW5faWQiOiIxMTI5NTciLCJ1bml0IjoiZGl2LWdwdC1hZC1hcHBsZXJzZ19jb20tYm94LTEtMF8zIiwidF9lcG9jaCI6MTYwMjgzMDM5MiwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZmJjMzU5ODQtMDI2Zi00YTBiLTcxMWYtN2Y1MTA3YjQyNjk4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTEwOCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiOTg5In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:58 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc0c5d00002b899939a000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830399"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc926ff622b89-FRA
expires: Thu, 15 Oct 2020 06:39:58 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
129 B 39ms
37ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQwOTM2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODYwMTgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjExMDAifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:58 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc0c5f00002b8985b9a000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830399"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc926ff662b89-FRA
expires: Thu, 15 Oct 2020 06:39:58 UTC

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 9ms
7ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: go.ezoic.net
URL: https://go.ezoic.net/detroitchicago/audins.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 87d73170be9a2e277c57d324c4e05ec0ac60ed3c0191fa29e7a31133b4c4c119

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:58 GMT
content-encoding: gzip
etag: "O/+l6c17R2TQ0JQMJXOiXA=="
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 23 Oct 2020 06:39:58 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 72ms
25ms Script
application/x-javascript 104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: go.ezoic.net
URL: https://go.ezoic.net/detroitchicago/audins.js?cb=191-2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 16 Oct 2020 06:39:58 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Sat, 17 Oct 2020 06:39:58 GMT

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 3 B
348 B 54ms
17ms Script
application/x-javascript 2600:9000:206e:fa00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:fa00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 23:00:10 GMT
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 19:50:24 GMT
server: AmazonS3
age: 27589
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: k1SAeZ2JT6R6tHU-GZO3ZbWZ6PL3E_FbgUdQ-GklxkSmiwdltpmu4g==

GET
H2 200 pixel;r=1707781940;labels=Domain.applersg_com%2CDomainId.112957;rf=0;uht=2;a=p-31iz6hfFutd16;url=https%3A%2F%2Fnor.applersg.com%2F;fpan=1;fpa=P0-882524122-1602830398637;ns=0;ce=1;qjs=1;qv=3364aec3-...
pixel.quantserve.com/ 35 B
210 B 8ms
8ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1707781940;labels=Domain.applersg_com%2CDomainId.112957;rf=0;uht=2;a=p-31iz6hfFutd16;url=https%3A%2F%2Fnor.applersg.com%2F;fpan=1;fpa=P0-882524122-1602830398637;ns=0;ce=1;qjs=1;qv=3364aec3-20201006003021;cm=;gdpr=0;ref=;d=applersg.com;je=0;sr=1600x1200x24;dst=1;et=1602830398637;tzo=-120;ogl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 06:39:58 GMT
strict-transport-security: max-age=86400
content-type: image/gif
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=20015427&ns__t=1602830398640&ns_c=UTF-8&cv=3.5&c8=Apple-Utstyr%20Og%20Alt%20Forbundet%20Med%20Det%20-%20applersg.com&c7=https%3A%2F%2Fnor.applersg.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1602830398640&ns_c=UTF-8&cv=3.5&c8=Apple-Utstyr%20Og%20Alt%20Forbundet%20Med%20Det%20-%20applersg.com&c7=https%3A%2F%2Fnor.applersg.com%2F...

0
528 B

24ms
23ms

Image
text/plain

104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1602830398640&ns_c=UTF-8&cv=3.5&c8=Apple-Utstyr%20Og%20Alt%20Forbundet%20Med%20Det%20-%20applersg.com&c7=https%3A%2F%2Fnor.applersg.com%2F&c9=&cs_ak_ss=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Oct 2020 06:39:58 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1602830398640&ns_c=UTF-8&cv=3.5&c8=Apple-Utstyr%20Og%20Alt%20Forbundet%20Med%20Det%20-%20applersg.com&c7=https%3A%2F%2Fnor.applersg.com%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Fri, 16 Oct 2020 06:39:58 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5237 42 B
93 B 39ms
38ms Image
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZUsViSOcNdm7L_pGFb6IBF9PoLWkB8VolvKp8Om0IYgncD5Z5YnJjHlIk8BEzgCnFaGjDoNyu9RR1e2yJGgC4mhJT1XKsbHDk0DU1KFwgrsPQyL6xxPvVkOdbwg&sai=AMfl-YSb7w2oZq38q7ajZsC9fV0kVsRsNgLekm8M23lNkS9wpo2UQhiDuT_Xscanu7xc_cw55GHCzuLLaoh-skcfrmN9gm8EnqyJJA4OCISGKuRmhcan79PE3QcumRs&sig=Cg0ArKJSzKvmEtYDsatZEAE&cid=CAASF-Rojr4rP4f6LBZ-hITtjfECaQXpZ3UB&id=ampim&o=315,1108&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=129&tls=1129&g=100&h=100&tt=1129&r=v&avms=ampa&adk=809236414

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 06:39:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
184 B 23ms
23ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQwOTM2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODYwMTgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:58 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc0d1300002b89b4270000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830399"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc92819c22b89-FRA
expires: Thu, 15 Oct 2020 06:39:57 UTC

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
162 B 201ms
200ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=3253293106747099&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=1&rcs=5&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3Dfc44e27e7de5f52a5f3c42d1877542d7%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D46%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C17%2C20%2C17%2C19%2C20%26lb%3D140%26reqt%3D1602830398832&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830398&dt=1602830398835&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=990&adks=1313132013&ucis=t&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=30&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=86&icsg=4234424608620552&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

57c914e511de1a380ad46c9adaa93dc27d960b55b93d7ac12e2cdd13e40f5546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
161 B 177ms
177ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=2799407163696380&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=1&rcs=5&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3Dfc44e27e7de5f52a5f3c42d1877542d7%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D46%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C17%2C20%2C17%2C19%2C20%26lb%3D140%26reqt%3D1602830398848&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830398&dt=1602830398850&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=720&adks=1741669899&ucis=u&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=31&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=86&icsg=4234424608620552&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

0d1a059991d747fe3cb1f6a11c53fc7403f72b3d7b516351d4d069d9dff91c02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
185 B 168ms
168ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=4113573409798581&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=1&rcs=5&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3Dfc44e27e7de5f52a5f3c42d1877542d7%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D46%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C17%2C20%2C17%2C19%2C20%26lb%3D140%26reqt%3D1602830398855&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830398&dt=1602830398857&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=450&adks=450323450&ucis=v&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=32&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=86&icsg=4234424608620552&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

c16c2fa7b263969ae1dbd28b6baa5fce2504bf62c146b1d8195ee340881960e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
162 B 163ms
162ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=655143840879442&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=1&rcs=5&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3Dfc44e27e7de5f52a5f3c42d1877542d7%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D46%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C17%2C20%2C17%2C19%2C20%26lb%3D140%26reqt%3D1602830398881&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830398&dt=1602830398884&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=180&adks=1015830945&ucis=w&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=33&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=86&icsg=4234424608620552&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

4a7ba71fa9779984de5d66afaecf650fef62a565f57d6a451db93924568ee30f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 315 B
161 B 187ms
187ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=3739571089660863&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C580x400%7C728x90%7C320x50%7C468x60%7C970x90%7C234x60%7C320x310%7C360x410%7C320x430&fluid=height&ris=1&rcs=5&prev_scp=iid2%3D148486%26iit%3D7%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1103%26sap%3D1103%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dapplersg_com-box-2-148486%26eb_br%3D13817432a186231a2c8afb2cc1bac45d%26eba%3D1%26ebss%3D10061%26bv%3D0%26bvm%3D2%26bvr%3D7%26shp%3D1%26acptad%3D1%26ft%3D1%26br1%3D140%26br2%3D400%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C20%2C20%2C17%2C20%26lb%3D160%26reqt%3D1602830398890&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830398&dt=1602830398893&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=231&adys=246&adks=2833990747&ucis=x&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=34&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=86&icsg=4234424608620552&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=847x420&msz=847x402&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=847&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

52de6bbfbb2ece049db8b322d2cdacd54531cc7ac69a13b09ee03120ff70f675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
175 B 18ms
18ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQwOTM2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4ODYwMTgsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils5NzAsOTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDA5MzYiLCJkb21haW5faWQiOiIxMTI5NTciLCJ1bml0IjoiZGl2LWdwdC1hZC1hcHBsZXJzZ19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MDI4MzAzOTIsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDg4NjAxOCwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNDA5MzYiLCJkb21haW5faWQiOiIxMTI5NTciLCJ1bml0IjoiZGl2LWdwdC1hZC1hcHBsZXJzZ19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MDI4MzAzOTIsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDg4NjAxOCwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxMjIifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc0e3300002b8985bc4000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830399"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc929ed442b89-FRA
expires: Thu, 15 Oct 2020 06:39:59 UTC

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 87 KB
29 KB 217ms
216ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=672981523212405&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=1&rcs=6&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D7%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3D295bc01864bf3dbd0117e0a3f7f6bc96%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D10%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C17%2C20%2C17%2C19%2C20%2C17%2C18%2C19%2C20%26lb%3D46%26reqt%3D1602830399349&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830399&dt=1602830399352&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=990&adks=1313132013&ucis=y&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=35&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=86&icsg=4234424608620552&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

c71490f053928a042e04d70da8a518e4a25d2d5d642d46dd460b9d5858e3db17

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13328296605947543226/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13328296605947543226/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP6d3sTAuOwCFZiUdwodWtkC4g&gqi=&layout=/sadbundle/%24csp%253Der3%24/13328296605947543226/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13328296605947543226/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13328296605947543226/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP6d3sTAuOwCFZiUdwodWtkC4g&gqi=&layout=/sadbundle/%24csp%253Der3%24/13328296605947543226/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29338
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Fri, 16 Oct 2020 06:39:59 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 77 KB
26 KB 192ms
191ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=3126884418023994&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=1&rcs=6&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D7%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3D295bc01864bf3dbd0117e0a3f7f6bc96%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D10%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C17%2C20%2C17%2C19%2C20%2C17%2C18%2C19%2C20%26lb%3D46%26reqt%3D1602830399365&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830399&dt=1602830399368&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=720&adks=1741669899&ucis=z&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=36&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=86&icsg=4234424608620552&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

b69fb3cc6baf0a6c03552e92ebe96cacab5de41a348e36f1e55de7b1abd7a026

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13328296605947543226/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13328296605947543226/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJqX38TAuOwCFRGFgwcdgTYDZg&gqi=&layout=/sadbundle/%24csp%253Der3%24/13328296605947543226/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13328296605947543226/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13328296605947543226/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJqX38TAuOwCFRGFgwcdgTYDZg&gqi=&layout=/sadbundle/%24csp%253Der3%24/13328296605947543226/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26065
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Fri, 16 Oct 2020 06:39:59 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 206ms
206ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=2322833904860095&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=1&rcs=6&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C3%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D7%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3D295bc01864bf3dbd0117e0a3f7f6bc96%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D10%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C17%2C20%2C17%2C19%2C20%2C17%2C18%2C19%2C20%26lb%3D46%26reqt%3D1602830399376&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830399&dt=1602830399379&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=450&adks=450323450&ucis=10&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0000FF|color_text,,000000|color_url,,828282&ifi=37&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=86&icsg=4234424608620552&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

02580f3f08864930cf99361712ef0d261adf28c715a6f7b6eea16b6408523697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10597
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
10 KB 186ms
186ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=2791329403997407&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C320x310%7C370x350%7C360x360&fluid=height&ris=1&rcs=6&prev_scp=iid2%3D119935%26iit%3D4%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D7%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dapplersg_com-box-1-119935%26eb_br%3D295bc01864bf3dbd0117e0a3f7f6bc96%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D7%26shp%3D3%26acptad%3D1%26ft%3D1%26br1%3D10%26br2%3D800%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C17%2C20%2C17%2C19%2C20%2C17%2C18%2C19%2C20%26lb%3D46%26reqt%3D1602830399399&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830399&dt=1602830399403&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=1109&adys=180&adks=1015830945&ucis=11&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=38&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=86&icsg=4234424608620552&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x270&msz=302x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

958783610b490ca38a7c2e9a13390c9b9615eca326d29e217266718cfe59221a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10296
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 204ms
204ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057600044535346&correlator=2076373304791272&output=ldjh&impl=fif&adsid=NT&eid=21068028%2C21063669%2C21064170%2C21067448%2C21067753%2C21067454&vrg=2020101401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201016&iu_parts=21732118914%2Capplersg_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C580x400%7C728x90%7C320x50%7C468x60%7C970x90%7C234x60%7C320x310%7C360x410%7C320x430&fluid=height&ris=1&rcs=6&prev_scp=iid2%3D148486%26iit%3D7%26t%3D134%26d%3D112957%26t1%3D134%26pvc%3D0%26ap%3D1103%26sap%3D1103%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D7%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D5302779%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dapplersg_com-box-2-148486%26eb_br%3D9b8b7ac6c7f250874e7a1340470af55d%26eba%3D1%26ebss%3D10061%26bv%3D0%26bvm%3D2%26bvr%3D7%26shp%3D1%26acptad%3D1%26ft%3D1%26br1%3D120%26br2%3D400%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%252C0%252C0%252C67%252C0%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C20%2C20%2C17%2C20%2C17%2C20%26lb%3D140%26reqt%3D1602830399406&eri=1&cookie=ID%3D30b35f87780d8654%3AT%3D1602830393%3AS%3DALNI_MaRDMfnMdEz6CzpVlHZJqoSfr5vcw&bc=31&abxe=1&lmt=1602830399&dt=1602830399408&dlt=1602830392767&idt=653&frm=20&biw=1600&bih=1200&oid=3&adxs=231&adys=246&adks=2833990747&ucis=12&sps=channel,,3516837013|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=39&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnor.applersg.com%2F&dssz=86&icsg=4234424608620552&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=847x420&msz=847x402&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=345941445.1602830393&ga_sid=1602830393&ga_hid=771696603&ga_wpids=UA-131124028-26&fws=4&ohw=847&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

8396f90987f027722f96766bfb24d701e9a4c58becab96b4081ef5f52f7353d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10555
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nor.applersg.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html
7eb8347b83b29122b8ff590a4868d64e.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame F1A7 0
0 28ms
14ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7eb8347b83b29122b8ff590a4868d64e.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7eb8347b83b29122b8ff590a4868d64e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nor.applersg.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://nor.applersg.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Fri, 16 Oct 2020 06:39:53 GMT
expires: Sat, 16 Oct 2021 06:39:53 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 6
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html
7eb8347b83b29122b8ff590a4868d64e.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 9D44 0
0 14ms
14ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7eb8347b83b29122b8ff590a4868d64e.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7eb8347b83b29122b8ff590a4868d64e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nor.applersg.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://nor.applersg.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Fri, 16 Oct 2020 06:39:53 GMT
expires: Sat, 16 Oct 2021 06:39:53 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 6
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 4974903501 Show response
g.ezoic.net/dac/ 0
40 B 26ms
24ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/4974903501
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/porpoiseant/banger.js?cb=191-2&bv=89&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 0

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
168 B 35ms
33ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTBfMiIsInRfZXBvY2giOjE2MDI4MzAzOTIsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTBfMiIsInRfZXBvY2giOjE2MDI4MzAzOTIsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIyOTViYzAxODY0YmYzZGJkMDExN2UwYTNmN2Y2YmM5NiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTBfMiIsInRfZXBvY2giOjE2MDI4MzAzOTIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDAxLCJiaWRfZmxvb3JfcHJldiI6MC4wMDA0Niwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZmJjMzU5ODQtMDI2Zi00YTBiLTcxMWYtN2Y1MTA3YjQyNjk4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjExOTkzNSIsImRvbWFpbl9pZCI6IjExMjk1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWFwcGxlcnNnX2NvbS1ib3gtMS0wXzIiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgyNDExMjM1MTcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjExOTkzNSIsImRvbWFpbl9pZCI6IjExMjk1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWFwcGxlcnNnX2NvbS1ib3gtMS0wXzIiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiI0OTc0OTAzNTAxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc107a00002b89428a2000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830400"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc92d9cd22b89-FRA
expires: Thu, 15 Oct 2020 06:40:00 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
129 B 28ms
26ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTBfMiIsInRfZXBvY2giOjE2MDI4MzAzOTIsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIwLTEwLTE2In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc107a00002b896f2ab000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830400"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc92d9cd42b89-FRA
expires: Thu, 15 Oct 2020 06:39:59 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
243 B 19ms
18ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTBfMiIsInRfZXBvY2giOjE2MDI4MzAzOTIsImF1Y3Rpb25fZXBvY2giOjE2MDI4MzA0MDAsImFkX3Bvc2l0aW9uIjoxMTAxLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZmJjMzU5ODQtMDI2Zi00YTBiLTcxMWYtN2Y1MTA3YjQyNjk4IiwiYmlkX2Zsb29yX2luaXRpYWwiOjE2MDAsImJpZF9mbG9vcl9wcmV2Ijo0NiwiYmlkX2Zsb29yX2ZpbGxlZCI6MTAsImF1Y3Rpb25fY291bnQiOjcsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjIxMywibXVsdGlfYWRfdW5pdCI6MiwibXVsdGlfYWRfY291bnQiOjQsIm5ldHdvcmtfY29kZSI6MjE3MzIxMTg5MTQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc107b00002b89570e6000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830400"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc92d9cd62b89-FRA
expires: Thu, 15 Oct 2020 06:39:59 UTC

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012009282107000/ Frame 89E1 180 KB
51 KB 43ms
28ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be76304e30fa9b218c48d6ff8371d274849ad8b93f1d620c29ff4c0b51a7007d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 201139
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51872
x-xss-protection: 0
server: sffe
date: Tue, 13 Oct 2020 22:47:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9398ddf16214957a"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:47:40 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 89E1 14 KB
5 KB 44ms
29ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a5a5b30ae334bcd42d693c5bef0b04e60508189d783c7c14145f6a9571f53eb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 201125
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5251
x-xss-protection: 0
server: sffe
date: Tue, 13 Oct 2020 22:47:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cd0e22e3cb35fef1"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:47:54 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 89E1 89 KB
28 KB 41ms
26ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19fc7f0d04ad5a2a4a7411b376ea325d2b761344f8517d4b818240c027d0618e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 201135
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27538
x-xss-protection: 0
server: sffe
date: Tue, 13 Oct 2020 22:47:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5d668881fb8d2002"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:47:44 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 89E1 3 KB
1 KB 44ms
29ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6bc604e02fe45bc11d4a184f7b35714477914d76c83a8c87ff6a6a9d0c62b9e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 224437
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1378
x-xss-protection: 0
server: sffe
date: Tue, 13 Oct 2020 16:19:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "40d38a4fa451e619"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Oct 2021 16:19:22 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 89E1 42 KB
13 KB 46ms
31ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42d51a6cdcd5a1f054242eac3bf88b8a8e267c45ced19f226391003c9d0824ea

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 334903
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13481
x-xss-protection: 0
server: sffe
date: Mon, 12 Oct 2020 09:38:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3fc780a1789373c2"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Oct 2021 09:38:16 GMT

GET
H3-Q050 200 no.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 89E1 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/no.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f2021e21c056b0aa47e7133e957ec82c3835780fe37eb1736428c42146e6907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Oct 2020 06:54:42 GMT
x-content-type-options: nosniff
server: cafe
age: 85517
etag: 7127422092083725281
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2706
x-xss-protection: 0
expires: Fri, 16 Oct 2020 06:54:42 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 89E1 295 B
324 B 8ms
7ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Oct 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 33181
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 16 Oct 2020 21:26:58 GMT

GET
DATA 200
OK truncated
/ Frame 89E1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44b8d4aa7fb7625138d3927927da16204756ffa25dfddda4de06242da4f6eef3

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 3868768059720697288
tpc.googlesyndication.com/simgad/ Frame 89E1 123 KB
123 KB 33ms
27ms Image
image/gif 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3868768059720697288

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4691d2d9bbf29b666d996e8cb483e60fa6f3e071f1091a57c2b3ac4413216b24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 13:31:08 GMT
x-content-type-options: nosniff
age: 61731
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125745
x-xss-protection: 0
last-modified: Fri, 18 Sep 2020 02:40:35 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Oct 2021 13:31:08 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 89E1 0
0 35ms
30ms Image
text/html 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdDMlElin1AgaOwNa-YLFxDafqhO3em5MXXr9pd7PKWgdpJoSATcNV7DvOWyJKO2K6egq6_XK7wYCUMh9J1WWhVmLtqA
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 89E1 0
0 46ms
40ms Image
text/html 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWppLP0CJX_q6G8eEjuwPh8GSgA-8m8_ZX-7DrZvBDNjdrPCxCRABIKXM12pgkYSThfwXoAGt3IqIA8gBA-ACAKgDAcgDCKoE1AFP0IOr5ElwAjtehoTRIQKtPcR4RazxLy5UNFecJ3aqYYbTlGO2-57lcLjnBXe3yLKpPrcFbtF6EPf-wNQnoX_Mz4wMi9zBERvOxio93mokBU8rye9IVzYMxBtRb9Bgz0oe5RX9dINoOrV-G2Cawb5JmXkgzeRGlODOd38vB2FKsQKFqikB28JO3jbBF9GwgmnyW65cToS0y7CXA_M4zOBYYbYeU3Tj8TScTNt86S8gCQQsd8I4gEgTpqbGWBtEdIwetLBFkhSspVOjsjS2PP6Vla5pYMAE1NqCjOgB4AQBkgUECAQYAZIFBAgFGASgBgOAB4KmxWqoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwMQ8C7SCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTY3NTkyMDkzMzkwNjA3MjWACgPICwGyDBRwdWItNTkwMjA4MzI4NTMwMjc3OdgTDA&sigh=lKy8b8qmDto&tpd=AGWhJmtfCcwu8wM7P6Fd_NMJJnf_xdYWGXOomMrrvoEGvsCxRg
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s12-in-f34.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012009282107000/ Frame 6A78 180 KB
51 KB 42ms
21ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be76304e30fa9b218c48d6ff8371d274849ad8b93f1d620c29ff4c0b51a7007d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 201139
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51872
x-xss-protection: 0
server: sffe
date: Tue, 13 Oct 2020 22:47:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9398ddf16214957a"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:47:40 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 6A78 14 KB
5 KB 58ms
27ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a5a5b30ae334bcd42d693c5bef0b04e60508189d783c7c14145f6a9571f53eb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 201125
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5251
x-xss-protection: 0
server: sffe
date: Tue, 13 Oct 2020 22:47:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cd0e22e3cb35fef1"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:47:54 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 6A78 89 KB
27 KB 60ms
29ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19fc7f0d04ad5a2a4a7411b376ea325d2b761344f8517d4b818240c027d0618e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 201135
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27538
x-xss-protection: 0
server: sffe
date: Tue, 13 Oct 2020 22:47:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5d668881fb8d2002"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:47:44 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 6A78 3 KB
1 KB 53ms
22ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6bc604e02fe45bc11d4a184f7b35714477914d76c83a8c87ff6a6a9d0c62b9e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 224437
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1378
x-xss-protection: 0
server: sffe
date: Tue, 13 Oct 2020 16:19:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "40d38a4fa451e619"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Oct 2021 16:19:22 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 6A78 42 KB
13 KB 55ms
24ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42d51a6cdcd5a1f054242eac3bf88b8a8e267c45ced19f226391003c9d0824ea

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 334903
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13481
x-xss-protection: 0
server: sffe
date: Mon, 12 Oct 2020 09:38:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3fc780a1789373c2"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Oct 2021 09:38:16 GMT

GET
H3-Q050 200 no.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6A78 3 KB
3 KB 64ms
14ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/no.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f2021e21c056b0aa47e7133e957ec82c3835780fe37eb1736428c42146e6907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Oct 2020 06:54:42 GMT
x-content-type-options: nosniff
server: cafe
age: 85517
etag: 7127422092083725281
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2706
x-xss-protection: 0
expires: Fri, 16 Oct 2020 06:54:42 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6A78 295 B
388 B 105ms
55ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Oct 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 33181
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 16 Oct 2020 21:26:58 GMT

GET
DATA 200
OK truncated
/ Frame 6A78 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2f830574d8dcbbaf3d89c2b6292f0bcd0049ba325365e34f48799490194a6be

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 18057306512686123892
tpc.googlesyndication.com/simgad/ Frame 6A78 45 KB
45 KB 96ms
56ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18057306512686123892?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkTjQ3Nj0XtVYPuM7AHkREk7C-H3A

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a671d94fbc88d51ca7e4c4bc867aa80e5dcd6b1d5ea3759f613342acef95439a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 02:13:10 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 Aug 2020 07:43:50 GMT
server: sffe
age: 361609
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45948
x-xss-protection: 0
expires: Tue, 12 Oct 2021 02:13:10 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6A78 0
0 110ms
70ms Image
text/html 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CyR99P0CJX_nCGpCZrATDmo-YDuj_2dZf8YC95vELubjEnbAbEAEgpczXamCRhJOF_BegAYe1l7MCyAEC4AIAqAMByAMIqgTVAU_QW8m7H_Oqnk0QG16AcY9LqwkG3mdGX3i1oRB_pkZg_czVb2RmeLggb9EodKRMpS4yKhGLF1ucMW8zCnQ4LV52vpzx2Sb66dVM3ntH9w4dJgERfOPL0_2dm1dZtqnVc8YPrXiG0rmRuXsVaJ_FuMoKkz9PaAblZIq9TnJC-fqF-hgUeCqfX_nVwzgvHUZxkDwkVtumbDyT6s_6823AgfW8hLjbDs7ZvvztNsjfyQFlwSShJALnpXWWZoTshiU8_KozdwMt-xCSgeumDFAgJtWKz2ElLMAE_uL1ndQC4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB4jC0L4BqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcDEPAu0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi02NzU5MjA5MzM5MDYwNzI1gAoDyAsBsgwUcHViLTU5MDIwODMyODUzMDI3NznYEww&sigh=3RU24LC6Ww0&tpd=AGWhJmu9Lynpx7OjFm-gMAuAghdvHpirTQozzTLpBOuhW2N-PA
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s12-in-f34.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 4974903501 Show response
g.ezoic.net/dac/ 0
17 B 82ms
47ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/4974903501
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/porpoiseant/banger.js?cb=191-2&bv=89&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 0

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
129 B 82ms
0ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTBfMyIsInRfZXBvY2giOjE2MDI4MzAzOTIsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTBfMyIsInRfZXBvY2giOjE2MDI4MzAzOTIsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIyOTViYzAxODY0YmYzZGJkMDExN2UwYTNmN2Y2YmM5NiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTBfMyIsInRfZXBvY2giOjE2MDI4MzAzOTIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDEsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDAxLCJiaWRfZmxvb3JfcHJldiI6MC4wMDA0Niwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZmJjMzU5ODQtMDI2Zi00YTBiLTcxMWYtN2Y1MTA3YjQyNjk4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjExOTkzNSIsImRvbWFpbl9pZCI6IjExMjk1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWFwcGxlcnNnX2NvbS1ib3gtMS0wXzMiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgyNDExMjM1MTcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjExOTkzNSIsImRvbWFpbl9pZCI6IjExMjk1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWFwcGxlcnNnX2NvbS1ib3gtMS0wXzMiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiI0OTc0OTAzNTAxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc10d300002b899b883000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830400"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc92e1e672b89-FRA
expires: Thu, 15 Oct 2020 06:39:59 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
129 B 83ms
0ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTBfMyIsInRfZXBvY2giOjE2MDI4MzAzOTIsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIwLTEwLTE2In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc10d500002b896534a000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830400"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc92e1e6c2b89-FRA
expires: Thu, 15 Oct 2020 06:39:59 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
141 B 82ms
0ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTBfMyIsInRfZXBvY2giOjE2MDI4MzAzOTIsImF1Y3Rpb25fZXBvY2giOjE2MDI4MzA0MDAsImFkX3Bvc2l0aW9uIjoxMTAxLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZmJjMzU5ODQtMDI2Zi00YTBiLTcxMWYtN2Y1MTA3YjQyNjk4IiwiYmlkX2Zsb29yX2luaXRpYWwiOjE2MDAsImJpZF9mbG9vcl9wcmV2Ijo0NiwiYmlkX2Zsb29yX2ZpbGxlZCI6MTAsImF1Y3Rpb25fY291bnQiOjcsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjI0MiwibXVsdGlfYWRfdW5pdCI6MywibXVsdGlfYWRfY291bnQiOjQsIm5ldHdvcmtfY29kZSI6MjE3MzIxMTg5MTQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc10d300002b896e3e0000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830400"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc92e1e702b89-FRA
expires: Thu, 15 Oct 2020 06:39:59 UTC

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012009282107000/ Frame A8EF 180 KB
51 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be76304e30fa9b218c48d6ff8371d274849ad8b93f1d620c29ff4c0b51a7007d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 201139
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51872
x-xss-protection: 0
server: sffe
date: Tue, 13 Oct 2020 22:47:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9398ddf16214957a"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:47:40 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame A8EF 14 KB
5 KB 75ms
63ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a5a5b30ae334bcd42d693c5bef0b04e60508189d783c7c14145f6a9571f53eb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 201125
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5251
x-xss-protection: 0
server: sffe
date: Tue, 13 Oct 2020 22:47:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cd0e22e3cb35fef1"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:47:54 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame A8EF 89 KB
27 KB 76ms
64ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19fc7f0d04ad5a2a4a7411b376ea325d2b761344f8517d4b818240c027d0618e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 201135
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27538
x-xss-protection: 0
server: sffe
date: Tue, 13 Oct 2020 22:47:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5d668881fb8d2002"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:47:44 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame A8EF 3 KB
1 KB 81ms
69ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6bc604e02fe45bc11d4a184f7b35714477914d76c83a8c87ff6a6a9d0c62b9e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 224437
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1378
x-xss-protection: 0
server: sffe
date: Tue, 13 Oct 2020 16:19:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "40d38a4fa451e619"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Oct 2021 16:19:22 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame A8EF 42 KB
13 KB 82ms
70ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42d51a6cdcd5a1f054242eac3bf88b8a8e267c45ced19f226391003c9d0824ea

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 334903
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13481
x-xss-protection: 0
server: sffe
date: Mon, 12 Oct 2020 09:38:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3fc780a1789373c2"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Oct 2021 09:38:16 GMT

GET
H3-Q050 200 no.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A8EF 3 KB
3 KB 27ms
14ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/no.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f2021e21c056b0aa47e7133e957ec82c3835780fe37eb1736428c42146e6907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Oct 2020 06:54:42 GMT
x-content-type-options: nosniff
server: cafe
age: 85517
etag: 7127422092083725281
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2706
x-xss-protection: 0
expires: Fri, 16 Oct 2020 06:54:42 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A8EF 295 B
319 B 69ms
56ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101401.js?21068028

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Oct 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 33181
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 16 Oct 2020 21:26:58 GMT

GET
DATA 200
OK truncated
/ Frame A8EF 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9c8e32e4bccf70942f82377429d18d16198950f403eb6d744668c8fadd4dc86

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 9439541284179583199
tpc.googlesyndication.com/daca_images/simgad/ Frame A8EF 27 KB
27 KB 98ms
9ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9439541284179583199

Requested by

Host: nor.applersg.com
URL: https://nor.applersg.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11e207837dee326649e4125146ff95a52f863d533ddb05567af0dcef17c3c69e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 11:53:14 GMT
x-content-type-options: nosniff
age: 499605
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27226
x-xss-protection: 0
last-modified: Mon, 04 Feb 2019 21:23:29 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Oct 2021 11:53:14 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame A8EF 0
0 102ms
13ms Image
text/html 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSWIwmKNXTK-BBEe7qAxqoHykvu5zcCKAuQ4Fu7wuvdtPckdQ4au60evENzqeF-9LkdElmx2CVxn6zpZ1QEGmoMbFt2Bg
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A8EF 0
0 122ms
34ms Image
text/html 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ct9KRP0CJX8TkG9Sv3gOvpJZwxt-4oV7q17L-rgvHgqPmkg4QASClzNdqYJGEk4X8F6ABoPn3_gLIAQKpAgwFqlm1prM-4AIAqAMByAMIqgTbAU_QvHAEqnkBhpebGv-IH0Vfj6yr527pi-rGLhBmyaZy3AxG5oF17KD-a5NDtSsA1yR099dF73yEQgoUSoDETDQYAv_WV4sLBJ_ikqik7yfWEjZvBaSAs12ou-K-deAh8Y-C9gOHH1qQw7GVtknXm2YHvzSAnQ3umv5budYvzCP61j8-7u-YLwI9soCCWoDgZySf_R72-EHm9idg2zeyg8Gygc5V2NwqGzup3c-IeEajXe2XBW20sbamkRGHEQW55fJTDATOdfqd5OVcp8VKHBKkCsxyfsktJMrcmMAEs9uG2fIC4AQBkgUECAQYAZIFBAgFGASgBgKAB8iGiIEBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEIf_NtIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjc1OTIwOTMzOTA2MDcyNYAKA8gLAbIMFHB1Yi01OTAyMDgzMjg1MzAyNzc52BMM&sigh=TD9T_hVqTG0&tpd=AGWhJmt1ZoWReKbAG9LBZwCQ0yIUre6AbjJvCfFYjn1dC8I3ng
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s12-in-f34.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 4974903501 Show response
g.ezoic.net/dac/ 0
40 B 405ms
324ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/4974903501
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/porpoiseant/banger.js?cb=191-2&bv=89&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:40:00 GMT
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 0

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
129 B 118ms
20ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIyOTViYzAxODY0YmYzZGJkMDExN2UwYTNmN2Y2YmM5NiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAxLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMSwiYmlkX2Zsb29yX3ByZXYiOjAuMDAwNDYsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjExOTkzNSIsImRvbWFpbl9pZCI6IjExMjk1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWFwcGxlcnNnX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYwMjgzMDM5MiwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZmJjMzU5ODQtMDI2Zi00YTBiLTcxMWYtN2Y1MTA3YjQyNjk4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTAzNTAxLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgyNDExMjM1MTcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjExOTkzNSIsImRvbWFpbl9pZCI6IjExMjk1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWFwcGxlcnNnX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYwMjgzMDM5MiwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZmJjMzU5ODQtMDI2Zi00YTBiLTcxMWYtN2Y1MTA3YjQyNjk4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTAzNTAxLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiI0OTc0OTAzNTAxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc111f00002b89b4948000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830400"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc92e9fd32b89-FRA
expires: Thu, 15 Oct 2020 06:39:59 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
129 B 117ms
18ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIwLTEwLTE2In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc111f00002b8965354000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830400"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc92e9fd62b89-FRA
expires: Thu, 15 Oct 2020 06:39:59 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
129 B 118ms
20ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhdWN0aW9uX2Vwb2NoIjoxNjAyODMwNDAwLCJhZF9wb3NpdGlvbiI6MTEwMSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImJpZF9mbG9vcl9pbml0aWFsIjoxNjAwLCJiaWRfZmxvb3JfcHJldiI6NDYsImJpZF9mbG9vcl9maWxsZWQiOjEwLCJhdWN0aW9uX2NvdW50Ijo3LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjoyMTEsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50Ijo0LCJuZXR3b3JrX2NvZGUiOjIxNzMyMTE4OTE0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDF9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc111f00002b8980ba5000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830400"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc92e9fd72b89-FRA
expires: Thu, 15 Oct 2020 06:39:59 UTC

GET
H2 200 4974903501 Show response
g.ezoic.net/dac/ 0
17 B 94ms
21ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/4974903501
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/porpoiseant/banger.js?cb=191-2&bv=89&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 0

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
248 B 107ms
23ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTBfMSIsInRfZXBvY2giOjE2MDI4MzAzOTIsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMTk5MzUiLCJkb21haW5faWQiOiIxMTI5NTciLCJ1bml0IjoiZGl2LWdwdC1hZC1hcHBsZXJzZ19jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTYwMjgzMDM5MiwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZmJjMzU5ODQtMDI2Zi00YTBiLTcxMWYtN2Y1MTA3YjQyNjk4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTAzNTAxLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiMjk1YmMwMTg2NGJmM2RiZDAxMTdlMGEzZjdmNmJjOTYifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjExOTkzNSIsImRvbWFpbl9pZCI6IjExMjk1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWFwcGxlcnNnX2NvbS1ib3gtMS0wXzEiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAxLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMSwiYmlkX2Zsb29yX3ByZXYiOjAuMDAwNDYsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjExOTkzNSIsImRvbWFpbl9pZCI6IjExMjk1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWFwcGxlcnNnX2NvbS1ib3gtMS0wXzEiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODI0MTEyMzUxNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTBfMSIsInRfZXBvY2giOjE2MDI4MzAzOTIsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNDk3NDkwMzUwMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc112300002b89aab3d000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830400"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc92e9fda2b89-FRA
expires: Thu, 15 Oct 2020 06:39:59 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
129 B 111ms
27ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTBfMSIsInRfZXBvY2giOjE2MDI4MzAzOTIsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjAtMTAtMTYifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI4In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjUifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc112000002b89833da000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830400"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc92e9fdd2b89-FRA
expires: Thu, 15 Oct 2020 06:39:59 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
129 B 99ms
17ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTBfMSIsInRfZXBvY2giOjE2MDI4MzAzOTIsImF1Y3Rpb25fZXBvY2giOjE2MDI4MzA0MDAsImFkX3Bvc2l0aW9uIjoxMTAxLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZmJjMzU5ODQtMDI2Zi00YTBiLTcxMWYtN2Y1MTA3YjQyNjk4IiwiYmlkX2Zsb29yX2luaXRpYWwiOjE2MDAsImJpZF9mbG9vcl9wcmV2Ijo0NiwiYmlkX2Zsb29yX2ZpbGxlZCI6MTAsImF1Y3Rpb25fY291bnQiOjcsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjI0MywibXVsdGlfYWRfdW5pdCI6MSwibXVsdGlfYWRfY291bnQiOjQsIm5ldHdvcmtfY29kZSI6MjE3MzIxMTg5MTQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc112000002b89570f7000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830400"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc92e9fdf2b89-FRA
expires: Thu, 15 Oct 2020 06:39:59 UTC

GET
H2 200 4974890611 Show response
g.ezoic.net/dac/ 0
17 B 50ms
20ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/4974890611
Requested by: Host: nor.applersg.com
URL: https://nor.applersg.com/porpoiseant/banger.js?cb=191-2&bv=89&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 0

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
129 B 55ms
20ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4NDg2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTA2MTEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4NDg2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTA2MTEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiI5YjhiN2FjNmM3ZjI1MDg3NGU3YTEzNDA0NzBhZjU1ZCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4NDg2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDEyLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAxMiwiYmlkX2Zsb29yX3ByZXYiOjAuMDAxNCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZmJjMzU5ODQtMDI2Zi00YTBiLTcxMWYtN2Y1MTA3YjQyNjk4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0ODkwNjExLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4NDg2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTA2MTEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODI0MTEyMzUxNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4NDg2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTA2MTEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjQ5NzQ4OTA2MTEifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc112000002b8961187000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830400"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc92e9fe12b89-FRA
expires: Thu, 15 Oct 2020 06:39:59 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
129 B 56ms
21ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4NDg2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTA2MTEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIwLTEwLTE2In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc112400002b89428bb000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830400"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc92eafee2b89-FRA
expires: Thu, 15 Oct 2020 06:39:59 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
129 B 62ms
28ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4NDg2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhdWN0aW9uX2Vwb2NoIjoxNjAyODMwNDAwLCJhZF9wb3NpdGlvbiI6MTEwMywiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImJpZF9mbG9vcl9pbml0aWFsIjo4NTAsImJpZF9mbG9vcl9wcmV2IjoxNDAsImJpZF9mbG9vcl9maWxsZWQiOjEyMCwiYXVjdGlvbl9jb3VudCI6NywicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6MjYwLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoyMTczMjExODkxNCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjo0OTc0ODkwNjExfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:39:59 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc112400002b896e998000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830400"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc92eafef2b89-FRA
expires: Thu, 15 Oct 2020 06:39:59 UTC

GET
H3-Q050 200 3868768059720697288
tpc.googlesyndication.com/simgad/ Frame 89E1 123 KB
123 KB 7ms
6ms Image
image/gif 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3868768059720697288

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4691d2d9bbf29b666d996e8cb483e60fa6f3e071f1091a57c2b3ac4413216b24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 13:31:08 GMT
x-content-type-options: nosniff
age: 61731
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125745
x-xss-protection: 0
last-modified: Fri, 18 Sep 2020 02:40:35 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Oct 2021 13:31:08 GMT

GET
H3-Q050 200 no.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 89E1 3 KB
3 KB 8ms
6ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/no.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f2021e21c056b0aa47e7133e957ec82c3835780fe37eb1736428c42146e6907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Oct 2020 06:54:42 GMT
x-content-type-options: nosniff
server: cafe
age: 85517
etag: 7127422092083725281
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2706
x-xss-protection: 0
expires: Fri, 16 Oct 2020 06:54:42 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 89E1 295 B
388 B 42ms
40ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Oct 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 33181
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 16 Oct 2020 21:26:58 GMT

GET
H3-Q050 200 18057306512686123892
tpc.googlesyndication.com/simgad/ Frame 6A78 45 KB
45 KB 44ms
41ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18057306512686123892?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkTjQ3Nj0XtVYPuM7AHkREk7C-H3A

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a671d94fbc88d51ca7e4c4bc867aa80e5dcd6b1d5ea3759f613342acef95439a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 02:13:10 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 Aug 2020 07:43:50 GMT
server: sffe
age: 361609
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45948
x-xss-protection: 0
expires: Tue, 12 Oct 2021 02:13:10 GMT

GET
H3-Q050 200 no.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6A78 3 KB
3 KB 42ms
40ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/no.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f2021e21c056b0aa47e7133e957ec82c3835780fe37eb1736428c42146e6907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Oct 2020 06:54:42 GMT
x-content-type-options: nosniff
server: cafe
age: 85517
etag: 7127422092083725281
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2706
x-xss-protection: 0
expires: Fri, 16 Oct 2020 06:54:42 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6A78 295 B
319 B 42ms
40ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Oct 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 33181
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 16 Oct 2020 21:26:58 GMT

GET
H3-Q050 200 9439541284179583199
tpc.googlesyndication.com/daca_images/simgad/ Frame A8EF 27 KB
27 KB 7ms
6ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9439541284179583199

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11e207837dee326649e4125146ff95a52f863d533ddb05567af0dcef17c3c69e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 11:53:14 GMT
x-content-type-options: nosniff
age: 499605
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27226
x-xss-protection: 0
last-modified: Mon, 04 Feb 2019 21:23:29 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Oct 2021 11:53:14 GMT

GET
H3-Q050 200 no.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A8EF 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/no.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f2021e21c056b0aa47e7133e957ec82c3835780fe37eb1736428c42146e6907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Oct 2020 06:54:42 GMT
x-content-type-options: nosniff
server: cafe
age: 85517
etag: 7127422092083725281
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2706
x-xss-protection: 0
expires: Fri, 16 Oct 2020 06:54:42 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A8EF 295 B
319 B 8ms
7ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Oct 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 33181
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 16 Oct 2020 21:26:58 GMT

GET
H2 200 greenoaks.gif
nor.applersg.com/detroitchicago/ 43 B
266 B 27ms
27ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJkb21haW5faWQiOiIxMTI5NTciLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjYxNzA4OCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiI2In0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjcxOTA4OCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiNiJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiNzMyODAwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiI0NTgwIn1dfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:40:00 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc14c600002b895ab01000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830401"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc9346c8d2b89-FRA
expires: Thu, 15 Oct 2020 06:40:00 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
129 B 17ms
16ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTBfMiIsInRfZXBvY2giOjE2MDI4MzAzOTIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:40:00 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc14d500002b8941a00000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830401"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc9348cbe2b89-FRA
expires: Thu, 15 Oct 2020 06:40:00 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
145 B 15ms
14ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTBfMyIsInRfZXBvY2giOjE2MDI4MzAzOTIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:40:00 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc14d500002b89a011d000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830401"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc9348cc42b89-FRA
expires: Thu, 15 Oct 2020 06:40:00 UTC

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6A78 42 B
65 B 28ms
27ms Image
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxDVXEUvwIB1d-0D07EBqfzdnxWly7huOSN7HpF_GHyScjTQZGrfeE13K6XfHLTyQRAf9qQBW4J2n9_ySjniLbq2-ubCqczrdn04qQJCDjd1b72Kig51kQBT1IyQ&sai=AMfl-YQQYWDbZKysqS7tea2BLxG8W7ih-giPAxhmXqKLtSgvzREReBWxfwX8dKAY1I4Acl8J6DN0cJScVuTKPzjqoHgZkyFkSoCLgITy8R7gGNl1eSHyJml4oTXR4_c&sig=Cg0ArKJSzGOCvyiwliMWEAE&cid=CAASF-RoVUgUBsRr7a6ghYqgDmAL1s8AHBKY&id=ampim&o=1109,450&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=186&tls=1186&g=99.83333349227905&h=99.83333349227905&tt=1186&r=v&avms=ampa&adk=450323450

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 06:40:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 89E1 42 B
221 B 21ms
21ms Image
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsteM-Nk-Q-ZaxWsj3UGUUAsAx07tuHTtXL7v1nJdJ4ZPzT19BnVVRU2qC9nz-xBcBa2uasqM_CparycODiqfBOLDhY3AVsGH-VHqdzrYiAuxaO98yu6dTUWG0uLXg&sai=AMfl-YS5qKG64SJhaxl3ry4gmzqlz3OKxjhK7K72EYwBSlzfVyNWJT_gfdFBrThrMyAhembBA35f3sw9sH2bBud6OvPnCwOVLjZehbjEUmEq0FhWGm0XJxwGQVQCNb4&sig=Cg0ArKJSzDoS5GH7g_KlEAE&cid=CAASF-Ror5E4sQW3SRX_vyzwsJ-BtfLEyUTI&id=ampim&o=1109,180&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&tfs=218&tls=1220&g=99.83333349227905&h=99.83333349227905&tt=1220&r=v&avms=ampa&adk=1015830945

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 06:40:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
129 B 22ms
21ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTBfMSIsInRfZXBvY2giOjE2MDI4MzAzOTIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:40:00 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc15d200002b895ab1c000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830401"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc93618752b89-FRA
expires: Thu, 15 Oct 2020 06:40:00 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
129 B 26ms
25ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:40:00 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc15d200002b89ad345000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830401"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc93618782b89-FRA
expires: Thu, 15 Oct 2020 06:40:00 UTC

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A8EF 42 B
608 B 27ms
23ms Image
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrjioAtusKd3n_6n3hWzY-j1W4QX3laYnjSK28GYyJjt211vFUk1bLtOZFUcylz0Y5oxvDtO7Q2jRwJ2okx4-6CFFbJmM9ezepEA83TVry0hLjzbqcm8qaJ0jHCQ&sai=AMfl-YQIPUo21MqgPcxsB30DSB-Bkg3RQQe14SUg75Shi8K9zZJ2cd1RFaGfAH1-38Zgwobgbsx5IVL3cQVd50ftgCP2FM7xAOYW7alV1lgHVXDfpl6aH1ViUdioPdo&sig=Cg0ArKJSzIcOisWSVrpNEAE&cid=CAASF-Ro4FTz2eVt-70uRRdAxdtjeOtDJU4g&id=ampim&o=427,246&d=454,378&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=129&tls=1129&g=100&h=100&tt=1129&r=v&avms=ampa&adk=2833990747

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Oct 2020 06:40:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
207 B 22ms
18ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4NDg2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDMsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTA2MTEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:40:01 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc15eb00002b894b061000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830401"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc93648cd2b89-FRA
expires: Thu, 15 Oct 2020 06:40:00 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
152 B 20ms
19ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTBfMiIsInRfZXBvY2giOjE2MDI4MzAzOTIsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMTk5MzUiLCJkb21haW5faWQiOiIxMTI5NTciLCJ1bml0IjoiZGl2LWdwdC1hZC1hcHBsZXJzZ19jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTYwMjgzMDM5MiwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZmJjMzU5ODQtMDI2Zi00YTBiLTcxMWYtN2Y1MTA3YjQyNjk4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTAzNTAxLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjExOTkzNSIsImRvbWFpbl9pZCI6IjExMjk1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWFwcGxlcnNnX2NvbS1ib3gtMS0wXzIiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzQifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:40:01 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc164600002b8947ad6000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830401"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc936da052b89-FRA
expires: Thu, 15 Oct 2020 06:40:01 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
129 B 18ms
18ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTBfMyIsInRfZXBvY2giOjE2MDI4MzAzOTIsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMTk5MzUiLCJkb21haW5faWQiOiIxMTI5NTciLCJ1bml0IjoiZGl2LWdwdC1hZC1hcHBsZXJzZ19jb20tYm94LTEtMF8zIiwidF9lcG9jaCI6MTYwMjgzMDM5MiwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZmJjMzU5ODQtMDI2Zi00YTBiLTcxMWYtN2Y1MTA3YjQyNjk4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTAzNTAxLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjExOTkzNSIsImRvbWFpbl9pZCI6IjExMjk1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWFwcGxlcnNnX2NvbS1ib3gtMS0wXzMiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzQifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:40:01 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc165000002b899391d000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830401"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc936ea202b89-FRA
expires: Thu, 15 Oct 2020 06:40:01 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
129 B 22ms
21ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlszMDAsMjUwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzQifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:40:01 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc166400002b896ca47000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830401"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc9370a542b89-FRA
expires: Thu, 15 Oct 2020 06:40:00 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
129 B 21ms
20ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTE5OTM1IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0xLTBfMSIsInRfZXBvY2giOjE2MDI4MzAzOTIsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImZiYzM1OTg0LTAyNmYtNGEwYi03MTFmLTdmNTEwN2I0MjY5OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwMzUwMSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMTk5MzUiLCJkb21haW5faWQiOiIxMTI5NTciLCJ1bml0IjoiZGl2LWdwdC1hZC1hcHBsZXJzZ19jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTYwMjgzMDM5MiwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiZmJjMzU5ODQtMDI2Zi00YTBiLTcxMWYtN2Y1MTA3YjQyNjk4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTAzNTAxLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjExOTkzNSIsImRvbWFpbl9pZCI6IjExMjk1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWFwcGxlcnNnX2NvbS1ib3gtMS0wXzEiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDM1MDEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzQifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:40:01 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc167200002b895009b000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830401"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc9371a8a2b89-FRA
expires: Thu, 15 Oct 2020 06:40:01 UTC

GET
H2 200 army.gif
nor.applersg.com/porpoiseant/ 43 B
145 B 15ms
14ms Image
image/gif 2606:4700:3034::6818:6238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nor.applersg.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4NDg2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTA2MTEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils0NTQsMzc4XSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTQ4NDg2IiwiZG9tYWluX2lkIjoiMTEyOTU3IiwidW5pdCI6ImRpdi1ncHQtYWQtYXBwbGVyc2dfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjAyODMwMzkyLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJmYmMzNTk4NC0wMjZmLTRhMGItNzExZi03ZjUxMDdiNDI2OTgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTA2MTEsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://nor.applersg.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 06:40:01 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-middleton-display: ezp_sol
content-length: 43
cf-request-id: 05d1bc169900002b89a782b000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602830401"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5e2fc9375b452b89-FRA
expires: Thu, 15 Oct 2020 06:40:01 UTC

Verdicts & Comments Add Verdict or Comment

337 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 13:13:51	Name: test_cookie Value: CheckForPermission
.applersg.com/	1970-01-19 13:15:02	Name: _ym_isad Value: 2
nor.applersg.com/	1970-01-19 22:35:29	Name: cto_bundle Value: Tcq3DF9IbnFjM3BlaSUyQiUyRkh1eUpZMUF6bjVlVVE1b3d3MGdoVUF6UmFFZlZiNEVNS2Z5VXVvcmQxZkhWOGVIWHB2JTJGSkxrdmp0UEw3eDBiMEJPamQ2aElNVjNycnNiQWFzeUdGalJBcGlNS1UzUGVQeHliTFhCaENVSG5NcFJHQTdaWVFYNA
.applersg.com/	1970-01-20 06:45:02	Name: ezosuigeneris Value: c70f7b6240c2fa078071838370a30d3c
.applersg.com/	1970-01-19 17:36:38	Name: __utmz Value: 222222664.1602830393.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.applersg.com/	1970-01-19 13:13:52	Name: __utmb Value: 222222664.2.10.1602830393
.applersg.com/	1970-01-19 13:13:52	Name: ezovid_112957 Value: 484633883
nor.applersg.com/	1969-12-31 23:59:59	Name: ezouspva Value: 0
.applersg.com/	1970-01-19 13:13:50	Name: __utmt_e Value: 1
.applersg.com/	1970-01-19 21:59:26	Name: _ym_d Value: 1602830393
.applersg.com/	1969-12-31 23:59:59	Name: __utmc Value: 222222664
.applersg.com/	1970-01-19 13:16:43	Name: active_template::112957 Value: pub_site.1602830392
.applersg.com/	1970-01-20 06:45:02	Name: __utma Value: 222222664.918754954.1602830393.1602830393.1602830393.1
nor.applersg.com/	1970-01-19 13:57:02	Name: id5id.1st_457_nb Value: 1
nor.applersg.com/	1969-12-31 23:59:59	Name: ezouspvv Value: 0
nor.applersg.com/	1970-01-19 22:35:29	Name: cto_bidid Value: am4_EF9hREFuUWl5N3kxUk80ODBudEJzUVFtMHRUQ0NXa0lNM1hUWFBmU0lGWmJBV0l5RXJhOVRzaDh0YmVydmtUbUtTbTZnRDlKVGxtMWRYbnRlVDR5Mkw5ZyUzRCUzRA
nor.applersg.com/	1970-01-22 02:33:02	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
.applersg.com/	1970-01-19 13:13:57	Name: lp_112957 Value: https://nor.applersg.com/
.applersg.com/	1970-01-19 13:13:52	Name: ezovuuid_112957 Value: e6019a10-7de7-4cd5-5b0f-5147a70075d7
.applersg.com/	1970-01-19 13:13:50	Name: __utmt_f Value: 1
.applersg.com/	1970-01-19 13:16:43	Name: ezovuuidtime_112957 Value: 1602830392
.applersg.com/	1970-01-19 13:15:16	Name: ezepvv Value: 786
.applersg.com/	1970-01-19 21:59:26	Name: _ym_uid Value: 1602830393230793980
.applersg.com/	1970-01-19 13:13:57	Name: ezoref_112957 Value:
nor.applersg.com/	1970-01-19 21:59:26	Name: ezux_lpl_112957 Value: 1602830393526\|fbc35984-026f-4a0b-711f-7f5107b42698\|false
.applersg.com/	1970-01-19 13:13:52	Name: ezopvc_112957 Value: 1
.applersg.com/	1970-01-19 13:13:52	Name: ezoadgid_112957 Value: -1
.applersg.com/	1970-01-19 13:13:57	Name: ezoab_112957 Value: mod1
nor.applersg.com/	1970-01-22 02:33:02	Name: ezohw Value: w%3D1600%2Ch%3D1200
.applersg.com/	1970-01-19 21:59:26	Name: ezCMPCCS Value: true
.applersg.com/	1970-01-19 13:57:02	Name: __cfduid Value: de50372ab2ea73c72680e72da125f52231602830392

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2009282107000 https://nor.applersg.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2009282107000 https://nor.applersg.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2009282107000 https://nor.applersg.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2009282107000 https://nor.applersg.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7eb8347b83b29122b8ff590a4868d64e.safeframe.googlesyndication.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ap.lijit.com
applersg.com
applersg.disqus.com
bidder.criteo.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
g.ezoic.net
g2.gumgum.com
go.ezoic.net
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
l.sharethis.com
mc.yandex.ru
mug.criteo.com
nor.applersg.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.quantserve.com
platform-api.sharethis.com
popcornews.me
prebid.a-mo.net
rules.quantcount.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
ssum.casalemedia.com
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
104.111.238.139
108.128.209.152
136.144.59.88
151.101.12.134
178.128.141.43
178.250.0.157
178.250.0.165
18.195.43.194
185.64.189.112
216.58.208.34
23.210.249.164
23.210.249.92
2600:9000:2057:fc00:2:cb38:840:93a1
2600:9000:206e:9600:1c:8a07:5e80:93a1
2600:9000:206e:9600:c:abe:f440:93a1
2600:9000:206e:9e00:c:a9b7:ddc0:93a1
2600:9000:206e:fa00:6:44e3:f8c0:93a1
2606:4700:3034::6818:6238
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:801::2002
2a00:1450:4001:801::2008
2a00:1450:4001:802::2004
2a00:1450:4001:816::2001
2a00:1450:4001:819::2004
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::200a
2a00:1450:4001:81e::2001
2a00:1450:4001:81f::2003
2a00:1450:4001:820::2001
2a02:2638:1::13
2a02:2638:1::3
2a02:6b8::1:119
3.127.76.126
37.252.173.27
51.89.9.253
54.36.109.166
72.251.249.13
0001e893552b1e9805eaf2cfe9b6867ddb916e2213083d8d1513aa3e2ee2dd78
02580f3f08864930cf99361712ef0d261adf28c715a6f7b6eea16b6408523697
0405b2e0cbcd7bc26571d899f3195e8971c474b7f958e5ce447c1b7e10be309c
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0519c7723e7040c97ee4fd5f256fc5a912b916ee3650dd70eb175b51986a64b4
08cc0febbde79c65381c972a80b77c90812813f2cb7b23fa70513867daa3d275
0999837d201bfbd82287fa2744bc4bb36b66aa440bf45d8be527b9bf179eff45
0b77875a301f0e5047b1a9c803837914d4558065a8b03933cc33474b59af5b15
0b95a3a8861b0ca2198fb54800d3c398d52817f49ca4672fb8ebbb2138edbe48
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d1a059991d747fe3cb1f6a11c53fc7403f72b3d7b516351d4d069d9dff91c02
0eef78f69a07323d7d7e9cdc52e7bd3d5f118330cac83d82e59963db6b33e442
10c0a5f290ccaa46aff0fb7061c865a96b5879fcc3a0f112b4d292b62f59348b
10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0
118394ffa72dd5a71add53eff4c4bce97ba5805fc0b1917f93adb1d5481dde6f
11e207837dee326649e4125146ff95a52f863d533ddb05567af0dcef17c3c69e
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
129db65319058b94e2d24022c63311b77aa3a3ab0c843044492a4574f5567c25
12ceaaa105abb177182163d2b3c95418076c4cd7881b107e39e1ae77dde7f7c1
130f24f868c4364f20cd2b7afd416b01e5fe5efea9034701c4130fa14c1910fa
15a2e154e2160b19efa400825df0da12d0d3aa6add96f3512602ac39dafdc3d7
15f0626dd31e3e991a1c21d6304f2e370b92b3c91650de3d7ed8a38f1159a457
19fc7f0d04ad5a2a4a7411b376ea325d2b761344f8517d4b818240c027d0618e
1a5a5b30ae334bcd42d693c5bef0b04e60508189d783c7c14145f6a9571f53eb
1a80ad28356d459a51ef061d0767b88d85ef009e97ef9032ab6816159c509dd5
2c45003af2c9eeeec9ac1206dd1bb6d6b759798be69d22e87fa868dc8ca056bd
3280d840db75382b0a366d79bcd0dbe276a33e62b7be641e27b8b4bf68f66156
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
362e830d31e4cb9e6f496dff019ba651f5b5138ea92af07ceba5c7ef2f446a2f
37f0de0f751a4f96a2d8464621c2daff72b42b521a2fdc233be2fa188b96657f
38c4a57fcfb3b9ceb053b5c6ee30454cc2ab23f39ac1676e81d03a3b39dbd2f7
3a7a21c1f1b3e08d079493da91812ed7f278d314051cf3f01a445dda311b4eaf
409bae0628b24d0a88d35385e9d7c9711991bfe95957f07ee610f41276c5b652
41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538
42d51a6cdcd5a1f054242eac3bf88b8a8e267c45ced19f226391003c9d0824ea
44b8d4aa7fb7625138d3927927da16204756ffa25dfddda4de06242da4f6eef3
4691d2d9bbf29b666d996e8cb483e60fa6f3e071f1091a57c2b3ac4413216b24
471195a760a6ea7c30f4415c119cc5a6632524840b0045d7c37c414bb09424d7
4a7ba71fa9779984de5d66afaecf650fef62a565f57d6a451db93924568ee30f
4e7e1c16e351e7bfc80cddef9f98e99113ddb0d1e201be00d53955fe62f0e523
4f4d4602015dd91daf6ed74b28bb84a4561828e450b8c652db96d7ca66d2ca4a
4fde19fbe4c978100434b99d2a96e779fa1118a3f7a0c844fbc63820ff2bb18c
52de6bbfbb2ece049db8b322d2cdacd54531cc7ac69a13b09ee03120ff70f675
537a6fadf6f47193ef1620cd8df14da0505000a24480f4049f2e13e7d0fffcad
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57c914e511de1a380ad46c9adaa93dc27d960b55b93d7ac12e2cdd13e40f5546
5887aa7c6070d43694405d040d125506a86784caff49b22e7137d48bfe19220a
59a7eb85be3c1de9200286051f16e74bf9f0e3d8a95885949739d33c28e2ad7d
59e988efff59a4c4d7e464a8fe24b2797ced47c2a7ed87607b6ee0c6e9dc6be8
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e3a6f5891b780a3406f4d4a4fe7e776f2280c4f6a00c8dcf4d96923ece84bd5
627f350205a35965309770d25fb8cc66f952b60a93f99ad56ae5d6776a8e7bf5
642543517d6bb38c1d1a979e611d02d6532fd9874389dffaf21ae1c2f38a607f
656bc3ca1f0089fd4cbdc1e63e71719ab1a483a6ac997fb24f30835691b39152
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67bdebcc70d04370d3c8609a4564a72a8f80c393b2ca8141eb5386a9f9f900de
69231802cb66664de0bb8e6ed284c0376ca19865d4534d4e357ee47899912776
6a7d986d12708735f184b07d2cd1e59871cd1bbe8290f9c8b7ab8d770dbb1238
6dd371ce0393cece6c9092d5a1d401855e61d91a458d3d990794c012bcc2c20e
6f2021e21c056b0aa47e7133e957ec82c3835780fe37eb1736428c42146e6907
71e84f4b3a46857e0ee497d4890e8a90ba4889e3c72d3c39a1ea7f78c1f8065b
777cc56d4fcbc36f7a94abab1b63d6c20cf73def1bc63f02aa2313b0aa609ada
77c05e49f5e4121bcdf0b6df89373f6b5cd6846eea70156f416a59f4af54025d
7aa6ac00f568c333fa2ad3fb5459426ff882d4f5dcd8b4b6ac11b518e9748b13
7b050b518e14ec06da148083f33ad10ace2c2a3779ac636edbaa8c6c9175667c
7cc1eda04bbf677975f3caf193096f28adfbcca0242b2c52a5d14b49015dff36
7efe87b340014e916e15925590b47c8b880dc486af5144f21aca073981854139
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836fc07bb6d6aee6e3629fa16163878359c1136b854fd3891193e44e9dbd6f56
8396f90987f027722f96766bfb24d701e9a4c58becab96b4081ef5f52f7353d3
84eeafd08bebaac7b1ce9d961f2a845b612acc65944a29688ef6f26078811929
87d73170be9a2e277c57d324c4e05ec0ac60ed3c0191fa29e7a31133b4c4c119
8b00628163cf16acb9225ba30390854b0e3cdafc84ce2ecf159a3b6654528cea
8b22e3713b4f143a154ebbe747d93b8f840f8e82b647a00123683847df95dfd3
8c77c8a98ea0660608d38c8e7e4ce9d9f305efa10ed82bafe931e23804978f4c
8d103a9144e8047b29babe84278fda2b8cdc1c150fd0f8a91408f2e278ed6db4
8e099f52508ea4e3c116643ff36383375e8ab33ce866e5ab4f17b63f142e98e4
8e4348be473c71dda59c8591dd23975b9c7226cfe220609d479e068b25039c9f
91b3586547bdc74a24832515a351f0506f8e2bb766529a5ac445284c32bb81fd
92e68d25e51895e6bfb563b7210a707f7041026ff22b1693439be9b8ba646be1
94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3
958783610b490ca38a7c2e9a13390c9b9615eca326d29e217266718cfe59221a
975f86f3d2a91a4087fe292a3a0db8e1e28512ffc3d47fc38f0e305fc2db0406
991587d785ed3c635b2eb99520f267b1e4e182e5427baca5902f72bc6519756e
997e1fbf8331c9f3af1ff0ace8c73754cbfce4c143c785b7bc44dbcead23576e
9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd
9cc19c02d87c3360d404c6dcf6e7982304f5e54abda4209de7a3bc44d3c54883
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a0611f81ec5521ce8ec2d6a2a719d0de5273898618fa70e79ce1c8d9349c0d43
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2bd6d03b5ca4077052ad35975e64c93f8d790133a8ba0eea95d20fb5beb0b09
a4988ad727f6f2a048e97c92064d18a0d77ba523fa9c7a53e162309febfe2682
a5116767eaf17c577fc330e479f5bd84694b57da3336b061ce580aeac1006532
a671d94fbc88d51ca7e4c4bc867aa80e5dcd6b1d5ea3759f613342acef95439a
a9390948cc4848231ec89e2bc4a216ce3d76658d8017db503a2b1d7436d7cbc5
aa0bd1b6156023b441ad94dbb05bcd5ccede476b22b8f12d6497524a48a72f2e
aa475af0fb05e1b76590fbc8eb5b49d3c1e772a8efbde59c9991e07972f1223e
aa6b5b4c28893b8d0bd1ee4455065947cd5451112f8ae3e0349150948eea7e38
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac79f7385aeb7bd790a5d0a1b6d2cae41185bb8aa6f717272fb9d1aa47ce2f56
ad169050d72bb72e8b1c2e2ef45968e95afafae260a3193ae00b0b88eb1d3191
ad42494fe3dee8d57aa90f87389817493a167f934afad9eae3332b4c94346dd9
ae33fd4876cd73bcb5ede603df85d921481d12f56a69396b1d676e2ff3fb12cc
b2eb4d3912eb81a565f3695101fbc9aa1310bb54e5d04e27ca88301a0c943534
b3866a28f74bbe7283778cb7e5d12bcb431c1e6c286399d576b8a7f9b57b56cc
b607349246c00e5e3976b05ff2e89618d436efe82685162aa2752b065531468f
b69fb3cc6baf0a6c03552e92ebe96cacab5de41a348e36f1e55de7b1abd7a026
b7103e832afb79f79b1cef1a089146db0a633c458e302f07fa31edfa1f74ea31
bac20d43350602e59a13e37c5f4e7528d291ddb17c6272fa1a5d2a92f56db7f5
bc27eb6b26c21545e4b0074dbf54a22af6a651138c2652fcbefb850c7f3333c9
bc3b0143190f14aab48aa7934383d5ec2fcc6e2c1edd2b052a0d0f1d5056a74c
bcf9606301829552af940c8cad02a9026a84f27c3ebda5e702d86e9f41e21c41
be76304e30fa9b218c48d6ff8371d274849ad8b93f1d620c29ff4c0b51a7007d
c090c938bbe4c0ed91065ff339cc4799f3758b9c1df20af104ac749ec285f97e
c16c2fa7b263969ae1dbd28b6baa5fce2504bf62c146b1d8195ee340881960e5
c2f830574d8dcbbaf3d89c2b6292f0bcd0049ba325365e34f48799490194a6be
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
c6bc604e02fe45bc11d4a184f7b35714477914d76c83a8c87ff6a6a9d0c62b9e
c71490f053928a042e04d70da8a518e4a25d2d5d642d46dd460b9d5858e3db17
c7a514ef9248a31ef0b26d7cdb166e18aa4871e9373132f1c6b61d0ffbee34e9
c98816b17e6dd580ac24b8de8d0a6c401ab88b799d9d867cc0c4987de8d43755
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d35902ecbccf57c790dd5e6b089f3bfd0c9c10d3e370bc020b1cf60e971b7cae
d83730ed438fe6a296fa1a099d599e017a1148673fdef9394c2fda0d3a1272c2
d9387b372acec4b3b43903e7597b064818972267299879c050f584f625b122cc
d95751deffbac78ee10e0d4eae56f1e036d0cc494efb413e1198bbebfc6d2b76
d98f76f0461187c365efd671a87749384de00b589e87fb30c0486a892769c412
d9c8e32e4bccf70942f82377429d18d16198950f403eb6d744668c8fadd4dc86
dc3e2eb5574e7549951c296cc5dfbae9ea4d5ac6c959e02392753060fc8a6790
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcf235152a388915bfe790962f1ecdf4afc8bbd35f09c945a652c1e3949238fa
dd8917bfba41cd4f3a511647556b9e770e72ae1a14fa29c464f922570f012939
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fc0b0660145ac9ad7029f8004767efa1b95c7929061ad620bb8428022c67f8
ec9262a64bbe38b9a4c4a6effb50485d7bb7bdb18b3f2c296a50438bbe2c3fbc
ee2910e4b5209fc15058a67f5f33e18c43f5a2618395e081ba0e6d3191f21821
ee995a5cf6d31e78ab94dafcee554098ec88848d7d0354d0e3350784bff20116
eead550462af1723d74bd71bb44a0fec8f2ba3f33e320e36ae815e024bc924ac
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14bdfeaaf8f537976221d2097f382caae2ace47007de3cbccf14776c654f6de
f6e4e7fe8cb48988e94ca8055ec02e044e2f9b6cb7a89a7c27b62f388cc0c983
f72423823b8aca3ed7719ec83f569fa6936c398c486a48206226f817f60f0542
f7c1bf3038928f32470a492ca64f6bcac4bb65ac2fab22cde5f71406d183840c
f9f7514589ab0fd139926135617cee878b5e2fdcabfe39ca0ce2e195483f3598
fbf1a5dd327d3f60dcdd27402783ed291311877a4b6b59e3b0adb2cd892215b9
fdf256b16cc912ef3045cd564b67174b7fb37380ac0ab8334d97c9171319d06f
febdc37e23cafa734485dc27177a23e162f267903c490ccc9b1e8a85751ce142
ff98520c8c3796ae393225c352942c7110bd0418feff69638092fe9bf0cbc652

nor.applersg.com Open in urlscan Pro 2606:4700:3034::6818:6238 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

267 Requests

99 %HTTPS

54 %IPv6

29 Domains

41 Subdomains

36 IPs

8 Countries

2680 kBTransfer

5676 kBSize

31 Cookies

2 Outgoing links

Redirected requests

267 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nor.applersg.com Open in urlscan Pro
2606:4700:3034::6818:6238 Public Scan

Screenshot
Live screenshot

Full Image

267
Requests

99 %
HTTPS

54 %
IPv6

29
Domains

41
Subdomains

36
IPs

8
Countries

2680 kB
Transfer

5676 kB
Size

31
Cookies

267 HTTP transactions
0 data transactions