www.orlytaitzesq.com Open in urlscan Pro
35.209.63.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://orlytaitzesq.com/
Effective URL:
http://www.orlytaitzesq.com/
Submission: On April 17 via api (April 17th 2020, 9:13:08 pm UTC) from US

Summary HTTP 219 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 37 IPs in 7 countries across 37 domains to perform 219 HTTP transactions. The main IP is 35.209.63.6, located in Mountain View, United States and belongs to GOOGLE-2, US. The main domain is www.orlytaitzesq.com.

This is the only time www.orlytaitzesq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	35.209.63.6 35.209.63.6	19527 (GOOGLE-2) (GOOGLE-2)
1	52.44.122.222 52.44.122.222	14618 (AMAZON-AES) (AMAZON-AES)
2 2	72.246.168.118 72.246.168.118	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
1	35.241.35.213 35.241.35.213	15169 (GOOGLE) (GOOGLE)
2	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
7	2606:4700:10:... 2606:4700:10::6816:555	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	193.189.143.34 193.189.143.34	34948 (TYPHON-AS) (TYPHON-AS)
1	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
1	2a00:1450:400... 2a00:1450:4001:81b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
1	13.225.73.47 13.225.73.47	16509 (AMAZON-02) (AMAZON-02)
1	13.224.194.113 13.224.194.113	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE)
1	54.209.86.7 54.209.86.7	14618 (AMAZON-AES) (AMAZON-AES)
4	40.84.148.247 40.84.148.247	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	54.83.148.98 54.83.148.98	14618 (AMAZON-AES) (AMAZON-AES)
1	13.225.73.4 13.225.73.4	16509 (AMAZON-02) (AMAZON-02)
1 1	52.94.234.174 52.94.234.174	16509 (AMAZON-02) (AMAZON-02)
1	99.86.61.157 99.86.61.157	16509 (AMAZON-02) (AMAZON-02)
3	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
6	13.224.186.46 13.224.186.46	16509 (AMAZON-02) (AMAZON-02)
53	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
24	172.217.21.194 172.217.21.194	15169 (GOOGLE) (GOOGLE)
8 12	152.199.21.35 152.199.21.35	15133 (EDGECAST) (EDGECAST)
8 8	2606:2800:233... 2606:2800:233:97b6:26be:138a:cba8:bb01	15133 (EDGECAST) (EDGECAST)
4	74.214.194.134 74.214.194.134	59940 (PULSEPOIN...) (PULSEPOINT-EU)
4	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
4	69.173.144.143 69.173.144.143	26667 (RUBICONPR...) (RUBICONPROJECT)
4	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
24	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
8 12	74.214.194.140 74.214.194.140	59940 (PULSEPOIN...) (PULSEPOINT-EU)
7 7	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
6 6	35.157.107.235 35.157.107.235	16509 (AMAZON-02) (AMAZON-02)
2 2	94.130.204.3 94.130.204.3	24940 (HETZNER-AS) (HETZNER-AS)
20 20	35.158.60.52 35.158.60.52	16509 (AMAZON-02) (AMAZON-02)
9 21	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
4 4	154.59.122.74 154.59.122.74	174 (COGENT-174) (COGENT-174)
4	2a02:fa8:8806... 2a02:fa8:8806:13::1430	41041 (VCLK-EU-) (VCLK-EU-)
4 4	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
4	63.33.80.49 63.33.80.49	16509 (AMAZON-02) (AMAZON-02)
1 1	146.0.227.110 146.0.227.110	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
219	37

28 35.209.63.6 (Mountain View, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 6.63.209.35.bc.googleusercontent.com

orlytaitzesq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.orlytaitzesq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.122.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-122-222.compute-1.amazonaws.com

s.gweini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.246.168.118 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-168-118.deploy.static.akamaitechnologies.com

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.35.213 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 213.35.241.35.bc.googleusercontent.com

media.breitbart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6816:555 (United States)

ASN13335 (CLOUDFLARENET, US)

www.thegatewaypundit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.189.143.34 (Ankara, Turkey) 1 redirects

ASN34948 (TYPHON-AS, FR)
PTR: www.netvibes.com

www.netvibes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)

us.i1.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

buttons.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.47 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-47.fra2.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.113 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-113.fra2.r.cloudfront.net

fs.gweini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.209.86.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-86-7.compute-1.amazonaws.com

www.petition2congress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 40.84.148.247 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ads3.mthsense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.83.148.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-148-98.compute-1.amazonaws.com

api.lanistaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.4 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-4.fra2.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.94.234.174 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

cloudfront-labs.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.61.157 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-61-157.yto50.r.cloudfront.net

a6772d0ace1deed920aa421612ee2b7a2.profile.yto50-c1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.186.46 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-46.fra2.r.cloudfront.net

d2tbmvllb55wxq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 172.217.21.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f194.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 152.199.21.35 (United States) 8 redirects

ASN15133 (EDGECAST, US)

adserver.adtechus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:2800:233:97b6:26be:138a:cba8:bb01 (United States) 8 redirects

ASN15133 (EDGECAST, US)

adserver.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.214.194.134 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

bid.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.87 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 74.214.194.140 (Amsterdam, Netherlands) 8 redirects

ASN59940 (PULSEPOINT-EU, NL)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.16.194 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.157.107.235 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-107-235.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.130.204.3 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 35.158.60.52 (Frankfurt am Main, Germany) 20 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-60-52.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 18.156.0.31 (United States) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 154.59.122.74 (United States) 4 redirects

ASN174 (COGENT-174, US)

acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:fa8:8806:13::1430 (Sweden)

ASN41041 (VCLK-EU-, SE)

aol-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1288:110:c305::8000 (United Kingdom) 4 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.33.80.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-80-49.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.110 (Germany) 1 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	googlesyndication.com buttons.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	314 KB
34	doubleclick.net 9 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	564 KB
28	advertising.com 28 redirects adserver.adtech.advertising.com pixel.advertising.com	9 KB
28	orlytaitzesq.com 1 redirects orlytaitzesq.com www.orlytaitzesq.com	633 KB
25	yahoo.com 13 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	21 KB
16	contextweb.com 8 redirects bid.contextweb.com bh.contextweb.com	8 KB
16	googletagservices.com www.googletagservices.com	394 KB
12	adtechus.com 8 redirects adserver.adtechus.com	12 KB
8	google.com adservice.google.com	2 KB
8	cloudfront.net d31qbv1cthcecs.cloudfront.net a6772d0ace1deed920aa421612ee2b7a2.profile.yto50-c1.cloudfront.net d2tbmvllb55wxq.cloudfront.net	1 MB
7	thegatewaypundit.com www.thegatewaypundit.com	71 KB
6	bidswitch.net 6 redirects x.bidswitch.net	2 KB
6	google.de adservice.google.de	2 KB
5	twitter.com platform.twitter.com syndication.twitter.com	32 KB
4	adsrvr.org match.adsrvr.org	1 KB
4	dotomi.com aol-match.dotomi.com	413 B
4	acuityplatform.com 4 redirects acuityplatform.com	2 KB
4	pubmatic.com hbopenbid.pubmatic.com	308 B
4	rubiconproject.com fastlane.rubiconproject.com	7 KB
4	adnxs.com ib.adnxs.com	3 KB
4	lanistaads.com api.lanistaads.com	1 KB
4	mthsense.com ads3.mthsense.com	14 KB
2	adhigh.net 2 redirects px.adhigh.net	946 B
2	google.ch adservice.google.ch	1010 B
2	youtube.com www.youtube.com
2	google-analytics.com www.google-analytics.com	17 KB
2	netvibes.com 1 redirects www.netvibes.com	1 KB
2	twimg.com pbs.twimg.com	19 KB
2	paypalobjects.com www.paypalobjects.com	4 KB
2	paypal.com 2 redirects www.paypal.com	546 B
2	gweini.com s.gweini.com fs.gweini.com	17 KB
1	admixer.net 1 redirects inv-nets.admixer.net	551 B
1	amazonaws.com 1 redirects cloudfront-labs.amazonaws.com	219 B
1	alexametrics.com certify.alexametrics.com	551 B
1	petition2congress.com www.petition2congress.com
1	yimg.com us.i1.yimg.com	2 KB
1	breitbart.com media.breitbart.com	17 KB
219	37

	Domain	Requested by
27	www.orlytaitzesq.com	www.orlytaitzesq.com
24	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
24	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.orlytaitzesq.com
23	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
21	ups.analytics.yahoo.com	9 redirects
20	pixel.advertising.com	20 redirects
16	www.googletagservices.com	www.orlytaitzesq.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
12	bh.contextweb.com	8 redirects d2tbmvllb55wxq.cloudfront.net
12	adserver.adtechus.com	8 redirects
8	adserver.adtech.advertising.com	8 redirects
8	adservice.google.com	www.googletagservices.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
7	cm.g.doubleclick.net	7 redirects
7	www.thegatewaypundit.com	www.orlytaitzesq.com
6	x.bidswitch.net	6 redirects
6	adservice.google.de	www.googletagservices.com pagead2.googlesyndication.com
6	d2tbmvllb55wxq.cloudfront.net	ads3.mthsense.com pagead2.googlesyndication.com
4	match.adsrvr.org	d2tbmvllb55wxq.cloudfront.net
4	pr-bh.ybp.yahoo.com	4 redirects
4	aol-match.dotomi.com
4	acuityplatform.com	4 redirects
4	hbopenbid.pubmatic.com	d2tbmvllb55wxq.cloudfront.net
4	fastlane.rubiconproject.com	d2tbmvllb55wxq.cloudfront.net
4	ib.adnxs.com	d2tbmvllb55wxq.cloudfront.net
4	bid.contextweb.com	d2tbmvllb55wxq.cloudfront.net
4	api.lanistaads.com	www.orlytaitzesq.com
4	ads3.mthsense.com	fs.gweini.com
4	platform.twitter.com	www.orlytaitzesq.com platform.twitter.com
3	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com
2	px.adhigh.net	2 redirects
2	adservice.google.ch	securepubads.g.doubleclick.net
2	www.youtube.com	www.orlytaitzesq.com
2	www.google-analytics.com	www.orlytaitzesq.com
2	www.netvibes.com	1 redirects www.orlytaitzesq.com
2	pbs.twimg.com	www.orlytaitzesq.com
2	www.paypalobjects.com	www.orlytaitzesq.com
2	www.paypal.com	2 redirects
1	inv-nets.admixer.net	1 redirects
1	syndication.twitter.com	www.orlytaitzesq.com
1	a6772d0ace1deed920aa421612ee2b7a2.profile.yto50-c1.cloudfront.net	www.orlytaitzesq.com
1	cloudfront-labs.amazonaws.com	1 redirects
1	certify.alexametrics.com	www.orlytaitzesq.com
1	www.petition2congress.com	www.orlytaitzesq.com
1	fs.gweini.com	s.gweini.com
1	d31qbv1cthcecs.cloudfront.net	www.orlytaitzesq.com
1	buttons.googlesyndication.com	www.orlytaitzesq.com
1	us.i1.yimg.com	www.orlytaitzesq.com
1	media.breitbart.com	www.orlytaitzesq.com
1	s.gweini.com	www.orlytaitzesq.com
1	orlytaitzesq.com	1 redirects
219	49

This site contains links to these domains. Also see Links.

Domain
taitzreport.com
www.drtaitz.com
www.taitzofficesuites.com
www.breitbart.com
www.thegatewaypundit.com
www.worldometers.info
twitter.com
www.netvibes.com
add.my.yahoo.com
fusion.google.com
www.feedly.com
www.petition2congress.com
petitions.whitehouse.gov
plus.google.com
www.youtube.com
www.facebook.com
www.orlytaitzforussenate2012.com
www.videospromo.com
www.washingtonamerica.com
www.elementsofseo.com
www.drewstauffer.com
www.alibiproductions.com

Subject Issuer	Validity	Valid
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2019-12-09` - `2021-12-13`	2 years	crt.sh
*.breitbart.com COMODO RSA Domain Validation Secure Server CA	`2018-06-28` - `2020-06-27`	2 years	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-12` - `2020-10-09`	a year	crt.sh
*.netvibes.com Sectigo RSA Domain Validation Secure Server CA	`2019-07-15` - `2020-08-27`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
certify.alexametrics.com Amazon	`2019-07-26` - `2020-08-26`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.adtechus.com GeoTrust RSA CA 2018	`2019-08-07` - `2021-08-07`	2 years	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2018-07-07` - `2020-06-03`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.google.ch GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-02-13` - `2020-08-11`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh

This page contains 31 frames:

Primary Page: http://www.orlytaitzesq.com/
Frame ID: 516BAD8FC5991D12CBC2044A315E1D41
Requests: 56 HTTP requests in this frame

Frame: https://www.youtube.com/embed/OreNM9NDxlE?rel=0
Frame ID: FF806073CA2054AB7F26BFC4A89B7574
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/948FBVCqTu4?rel=0
Frame ID: 385151B5F198F77946870AAC8F511149
Requests: 1 HTTP requests in this frame

Frame: http://www.petition2congress.com/9026/start-immediate-investigation-barack-obamas-use-forged-ids-ct-ssn/wt/?src=widget
Frame ID: 5E83603E8323B092CE4E6463F42632AB
Requests: 1 HTTP requests in this frame

Frame: http://ads3.mthsense.com/RenderAd.aspx?id=727&width=728&height=90
Frame ID: 54B8C0DCFFC04D2660C952C570AEF6A2
Requests: 1 HTTP requests in this frame

Frame: http://ads3.mthsense.com/RenderAd.aspx?id=732&width=300&height=250
Frame ID: 7204555BC2029E876FFC15DDE87DE7CC
Requests: 1 HTTP requests in this frame

Frame: http://ads3.mthsense.com/RenderAd.aspx?id=733&width=300&height=250
Frame ID: 6B3A9D9E23D86AB139C54D4E3C9E6988
Requests: 1 HTTP requests in this frame

Frame: http://ads3.mthsense.com/RenderAd.aspx?id=729&width=728&height=90
Frame ID: 67C28476BFD5CE0892DC25DB85D93897
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.6787510241df65d128e2b60207ad4c25.html?origin=http%3A%2F%2Fwww.orlytaitzesq.com
Frame ID: D288624D5DF8CC159665228195A6725F
Requests: 1 HTTP requests in this frame

Frame: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Frame ID: 2765F9A27A466D1424F4D8F8212235EE
Requests: 24 HTTP requests in this frame

Frame: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Frame ID: 5B4EAD56650231F145AFF6005870FB2B
Requests: 23 HTTP requests in this frame

Frame: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Frame ID: 2338545161CB6CF86063173559732FC9
Requests: 23 HTTP requests in this frame

Frame: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Frame ID: 120E4D68CE0396EA395BE167210D3AC3
Requests: 23 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.6787510241df65d128e2b60207ad4c25.en.html
Frame ID: 14C4004E034CF9A25534B1B7F735C3D7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKW1YS-LRPekCrsindTEq7El503hGSR8tjxxHA3ZFIzldWtK8NknqYtAYpwkHg9ncV3ZdkrAV1_z-K0UV2I8Z99JlaVggXKoIxSAIn6A4Lswp5hxKJzTVFFHD592mCCvSB-zoaVkGyVpIwwuwm0GeFD44eRSnj-Aw6wGCSuGc029vJHrYHjgc4hGUpdf14pCq1I7qnzM2YafTyqry4uZxGVcJKwDSJYrXbVvIf3QqGmc7sUxQ6dHCdwWnbMl9VddZ6SD-eSqlIVutXaQFt-F1P&sig=Cg0ArKJSzEDChCaiysKxEAE&urlfix=1&adurl=
Frame ID: F07E5D4529B5605FCE9E33410DDA5581
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Frame ID: 7D5F26DC8207ABE3D3DBFE583C15BFC5
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJCLbXES1vv8cA8M15zhOwhnW-SZGRVYSWNMGwO_jNzVCPolUUN8ivna6aZovWaFrKJdVrFzo0rXwrqEVMHLNW733a9ht6qbhs8zDIUEVdwVX4Z1Nu5eh0fzYoHKcIqZ-Lw1LWRAmr_r2SJK73KuKy-c8CpVVPDCEWiCf2P3_gk7bdNNeOr5oaEv8Dnew_pCf1zisIPlggOuyrdmWI06wZLZH86cunjwaU-BWcYL4hfkwv8hYmelG581NbXI8CL_tmEgBiYUMTbHn_jhnf5Kp4&sig=Cg0ArKJSzKct2Kiq8HWvEAE&urlfix=1&adurl=
Frame ID: B9C941169A7F5AA800F745BCB8C4EA2A
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Frame ID: C3C1D2D3916B06627FAD3F26E78C3894
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 97674D096E894BC8C007EDBB4BD79C55
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: C8994C6EA586FDE5E6265233416CF263
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 36BFB47B0998F253CF85C7D775BC2815
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 1B71E844D050E4645C16248067516C9A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFGjw2jLV2qM-Gvgiz96YSRkV2N5NG3scD697Po_9YEX0qcV4NdHQ51vXa7xVye0peMhNuPancXYgGFoWd2-gH8YomxQPTxOVGmR8pKrfi5CoXKpZUKNTb5wf7PF427UB3keNTsenu5CgCpYVQvFEeJz6pOzaV-fvnN1YRJZ9QhXROot4Mp-A_mxN6Y2EQW7JtK9I4l-S8T4qDFA5sJPe6EMPmRQ8ySBgc4DTWNRHQXyfvFoDdeedDHZBVM5voIjST3wkwmXqwypHQEML_5dFDhtM&sig=Cg0ArKJSzE_Azyook27UEAE&urlfix=1&adurl=
Frame ID: 0F1EEA44685DC2C130EE082E8494AB89
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200413/r20190131/zrt_lookup.html
Frame ID: A2AC59F7D0D2ABCF31CACC3DF79EA6A6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 38F5AE479259768597380CC3095C36F5
Requests: 1 HTTP requests in this frame

Frame: https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm
Frame ID: EEF57FB3B8796D788F44F0BB27DC0695
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9F3rjauI8rVK1rVSjVjbjMz2-R9Jk-7L1NJcnrfanhezYdowDv0PYP6LJ--qyHLUtL74dHTXcZfivD_QE53kQHrmK-KjPhT5Sz4Vd8aOIKlznl9rU_hmcfgXmOB6xkbS935cENGgbTAKucATKRnNanAZmsPA-9VpNmAi8WJXRaUg04gTYba-ef_g5-VvdYh0MAPTjezl59z9pqqulXDS2samujVNwXsTG2bqT7_BeJDS_SsecfJ5ieoTPplWb_lBcfDw-onmo_P0HWRMjy17ouHI&sig=Cg0ArKJSzKSgQNvGsSREEAE&urlfix=1&adurl=
Frame ID: ACB5BB17CF5F012F920F1FABFB6C11A7
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: A17B4D3E6E1E3D1838D194FD36ACD312
Requests: 1 HTTP requests in this frame

Frame: https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm
Frame ID: 3BBD83387E1A174A9877D23A21B2F4BB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: B69735531619565DDD8A7EF6DCED102C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 5740ECBAFE364230B3C1C6C8DA0E3FDF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://orlytaitzesq.com/ HTTP 301
http://www.orlytaitzesq.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

219
Requests

71 %
HTTPS

30 %
IPv6

37
Domains

49
Subdomains

37
IPs

7
Countries

3250 kB
Transfer

5400 kB
Size

12
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: http://taitzreport.com/
Title: TaitzReport.com

Search URL Search Domain Scan URL

URL: http://www.drtaitz.com/
Title:

Search URL Search Domain Scan URL

URL: http://www.taitzofficesuites.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/04/17/watch-joe-biden-stumbles-through-disastrous-tv-appearances-forgets-year-of-9-11-attack/
Title: WATCH: BIDEN STUMBLES THROUGH DISASTROUS TV HIT, FORGETS YEAR OF 9/11 ATTACK

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/europe/2020/04/17/farage-backs-trump-who-not-fit-purpose/
Title: FARAGE SAYS TRUMP RIGHT ON WHO, CALLS FOR BOYCOTT OF CHINESE PRODUCTS

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/04/17/donald-trump-democrats-must-end-endless-vacation-and-get-back-to-work/
Title: TRUMP: DEMOCRATS MUST HALT ‘ENDLESS VACATION’ AND GET BACK TO WORK

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/04/17/watch-live-minnesota-workers-protest-outside-governors-mansion/
Title: WATCH LIVE: MINNESOTA WORKERS PROTEST OUTSIDE GOVERNOR’S MANSION

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/04/17/donald-trump-tweet-storm-rips-democrats-calls-to-liberate-states/
Title: Trump Tweet Storm: ‘Liberate’! Rips Democrats, Obama, Biden

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/04/trump-unloads-cuomo-coronavirus-rant-accusing-president-passing-buck-without-passing-bucks/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/04/retaliation-michigans-democrat-governor-threatens-extend-stay-home-order-response-operationgridlock-protesters/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/04/freedom-jacksonville-florida-reopen-beaches-tomorrow-swimming-running-fishing-hiking-surfing-approved/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/04/antibody-testing-reveals-coronavirus-widespread-known-thus-far-less-dangerous-expected/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/04/pelosi-sits-home-eating-chocolates-smearing-president-middle-class-americans-lose-jobs-wait-approve-small-business-loans/

Search URL Search Domain Scan URL

URL: https://www.worldometers.info/report_us/
Title: Report coronavirus cases

Search URL Search Domain Scan URL

URL: https://www.worldometers.info/coronavirus/#nav-today
Title: Now

Search URL Search Domain Scan URL

URL: https://www.worldometers.info/coronavirus/country/us/
Title: USA

Search URL Search Domain Scan URL

URL: https://www.worldometers.info/coronavirus/country/spain/
Title: Spain

Search URL Search Domain Scan URL

URL: https://www.worldometers.info/coronavirus/country/italy/
Title: Italy

Search URL Search Domain Scan URL

URL: https://www.worldometers.info/coronavirus/country/france/
Title: France

Search URL Search Domain Scan URL

URL: https://www.worldometers.info/coronavirus/country/germany/
Title: Germany

Search URL Search Domain Scan URL

URL: https://www.worldometers.info/coronavirus/country/uk/
Title: UK

Search URL Search Domain Scan URL

URL: https://www.worldometers.info/coronavirus/country/china/
Title: China

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/04/twitter-suspends-tpusa-ambassador-popular-political-commentator-alx-posting-meme-xi-jinping-endorsing-joe-biden/

Search URL Search Domain Scan URL

URL: https://twitter.com/GavinNewsom
Title: @GavinNewsom

Search URL Search Domain Scan URL

URL: http://www.netvibes.com/subscribe.php?url=http://www.orlytaitzesq.com/?feed=rss2

Search URL Search Domain Scan URL

URL: http://add.my.yahoo.com/rss?url=http://www.orlytaitzesq.com/?feed=rss2

Search URL Search Domain Scan URL

URL: http://fusion.google.com/add?feedurl=http://www.orlytaitzesq.com/?feed=rss2

Search URL Search Domain Scan URL

URL: http://www.feedly.com/home#subscription/feed/http://www.orlytaitzesq.com/?feed=rss2

Search URL Search Domain Scan URL

URL: http://www.petition2congress.com/18945/ban-importation-200000-syrian-migrants-us/
Title: PETITION TO CONGRESS: Ban importation of 200,000 Syrian migrants into the US

Search URL Search Domain Scan URL

URL: https://petitions.whitehouse.gov/petition/institute-edward-snowden-national-whistleblower-patriots-against-government-corruption-day/Qhjys2vw

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/117378858973367836955/posts/KuCZfqzLPut
Title: CHANNEL (Google Plus)

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/DrOrlyTV
Title: SUBSCRIBE TO YOUTUBE

Search URL Search Domain Scan URL

URL: http://www.facebook.com/orlytaitz?ref=ts

Search URL Search Domain Scan URL

URL: http://www.orlytaitzforussenate2012.com/donateslogan.html

Search URL Search Domain Scan URL

URL: http://www.orlytaitzforussenate2012.com/donate.html
Title: RunOrlyRun.com

Search URL Search Domain Scan URL

URL: http://www.videospromo.com/
Title: Videography by Barbara Rosenfeld

Search URL Search Domain Scan URL

URL: http://www.washingtonamerica.com/
Title:

Search URL Search Domain Scan URL

URL: http://www.elementsofseo.com/
Title: Elements of SEO

Search URL Search Domain Scan URL

URL: http://www.drewstauffer.com/
Title: Website Design

Search URL Search Domain Scan URL

URL: http://www.alibiproductions.com/html/website-development.html
Title: Accessible Website Development

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://orlytaitzesq.com/ HTTP 301
http://www.orlytaitzesq.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif HTTP 301
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

Request Chain 5

https://www.paypal.com/en_US/i/scr/pixel.gif HTTP 301
https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Request Chain 19

http://www.netvibes.com/img/add2netvibes.gif HTTP 301
https://www.netvibes.com/img/add2netvibes.gif

Request Chain 37

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 44

http://www.youtube.com/embed/OreNM9NDxlE?rel=0 HTTP 307
https://www.youtube.com/embed/OreNM9NDxlE?rel=0

Request Chain 45

http://www.youtube.com/embed/948FBVCqTu4?rel=0 HTTP 307
https://www.youtube.com/embed/948FBVCqTu4?rel=0

Request Chain 49

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1859932247&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=OrlyTaitzEsq.com&utmhid=1092082328&utmr=-&utmp=%2F&utmht=1587157965758&utmac=UA-38912701-1&utmcc=__utma%3D209516236.169382701.1587157966.1587157966.1587157966.1%3B%2B__utmz%3D209516236.1587157966.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=66007681&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1859932247&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=OrlyTaitzEsq.com&utmhid=1092082328&utmr=-&utmp=%2F&utmht=1587157965758&utmac=UA-38912701-1&utmcc=__utma%3D209516236.169382701.1587157966.1587157966.1587157966.1%3B%2B__utmz%3D209516236.1587157966.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=66007681&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 59

http://cloudfront-labs.amazonaws.com/x.png HTTP 302
http://a6772d0ace1deed920aa421612ee2b7a2.profile.yto50-c1.cloudfront.net/test.png

Request Chain 83

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=137e84d3aadf984;misc=1587157966585;bidfloor=0.2; HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=137e84d3aadf984;misc=1587157966585;bidfloor=0.2 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=137e84d3aadf984;misc=1587157966585;bidfloor=0.2 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=137e84d3aadf984;misc=1587157966585;bidfloor=0.2 HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;apid=1A2fccbbd6-80f0-11ea-a94c-121c10c2940c;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=137e84d3aadf984;misc=1587157966585;bidfloor=0.2

Request Chain 89

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13cb28821f5c901;misc=1587157966600;bidfloor=0.4; HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=13cb28821f5c901;misc=1587157966600;bidfloor=0.4 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=13cb28821f5c901;misc=1587157966600;bidfloor=0.4 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=13cb28821f5c901;misc=1587157966600;bidfloor=0.4 HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A2fcd60ea-80f0-11ea-8e66-1248c7260bf4;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=13cb28821f5c901;misc=1587157966600;bidfloor=0.4

Request Chain 96

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=131b2953aa6285;misc=1587157966610;bidfloor=0.4; HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=131b2953aa6285;misc=1587157966610;bidfloor=0.4 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=131b2953aa6285;misc=1587157966610;bidfloor=0.4 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=131b2953aa6285;misc=1587157966610;bidfloor=0.4 HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A2fcb4db4-80f0-11ea-8e83-121ea8d7377c;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=131b2953aa6285;misc=1587157966610;bidfloor=0.4

Request Chain 99

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13aa6e1c8bad49d;misc=1587157966632;bidfloor=0.2; HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=13aa6e1c8bad49d;misc=1587157966632;bidfloor=0.2 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1587157965;v=2;cmd=bid;cors=yes;alias=13aa6e1c8bad49d;misc=1587157966632;bidfloor=0.2 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=13aa6e1c8bad49d;misc=1587157966632;bidfloor=0.2 HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;apid=1A2fcab44e-80f0-11ea-8f9f-12358a211a00;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=13aa6e1c8bad49d;misc=1587157966632;bidfloor=0.2

Request Chain 167

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9339919749774457&output=html&h=90&slotname=9866181553&adk=2660574010&adf=702193763&w=728&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1587157968177&bpp=17&bdt=107&idt=107&shv=r20200413&cbv=r20190131&ptt=5&saldr=sa&correlator=1632377810841&frm=23&ife=4&pv=2&ga_vid=169382701.1587157966&ga_sid=1587157966&ga_hid=1596379998&ga_fc=1&iag=255&icsg=682&nhd=4&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=545&ady=16&biw=1585&bih=1200&isw=728&ish=90&ifk=2772832079&scr_x=0&scr_y=0&eid=44717539&oid=3&pvsid=3502704934320168&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8212&bc=23&ifi=1&uci=1.pkr8oxa6kn9d&fsb=1&dtd=180 HTTP 302
https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm

Request Chain 180

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9339919749774457&output=html&h=90&slotname=9866181553&adk=2660574010&adf=702193766&w=728&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1587157968458&bpp=8&bdt=69&idt=100&shv=r20200413&cbv=r20190131&ptt=5&saldr=sa&correlator=1632377810841&frm=23&ife=4&pv=1&ga_vid=169382701.1587157966&ga_sid=1587157966&ga_hid=1214430409&ga_fc=1&iag=255&icsg=682&nhd=4&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=7575&biw=1585&bih=1200&isw=728&ish=90&ifk=2772832079&scr_x=0&scr_y=0&eid=44717539%2C26835105&oid=3&pvsid=406814009916483&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8212&bc=23&ifi=1&uci=1.hed0xmvwtctq&btvi=1&fsb=1&dtd=104 HTTP 302
https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm

Request Chain 198

https://bh.contextweb.com/visitormatch/prebid HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEEwnRBLzuVHcOl4BZIQTGug&google_cver=1 HTTP 302
https://bh.contextweb.com/visitormatch/prebid?s=1587157970432&r=1&v=547259 HTTP 302
https://x.bidswitch.net/sync?ssp=pulsepoint HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pulsepoint HTTP 302
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=pulsepoint HTTP 302
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=pulsepoint&bounced=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=9&user_id=0n5eGbgSEAd.AikABlFxifyvJg&expires=30&ssp=pulsepoint HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=56abd5f0-c4a3-4bda-95b8-e2e1118cd2c6 HTTP 302
https://bh.contextweb.com/visitormatch/prebid?r=2&v=547259%2C556010&s=1587157970471

Request Chain 199

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_sc&_origin=0 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESEIUsCp3VUto-1nFhZgrnksc&_origin=0&google_cver=1 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESEIUsCp3VUto-1nFhZgrnksc&_origin=0&google_cver=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEIUsCp3VUto-1nFhZgrnksc&_origin=0&google_cver=1&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62 HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEIUsCp3VUto-1nFhZgrnksc&_origin=0&google_cver=1&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62&verify=true

Request Chain 200

https://acuityplatform.com/Adserver/atds?getuserid=https://pixel.advertising.com/ups/55950/sync?uid=$UID&_origin=0 HTTP 302
https://pixel.advertising.com/ups/55950/sync?uid=502934071386 HTTP 302
https://ups.analytics.yahoo.com/ups/55950/sync?uid=502934071386&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

Request Chain 202

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62&verify=true HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/UP31c323dc-80f0-11ea-98a0-06d616349e62?gdpr=0&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-zoGSlLB1lxkgk8CLtuk3ahoTleZYnn.WMt0C&_origin=0&nsync=0 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-zoGSlLB1lxkgk8CLtuk3ahoTleZYnn.WMt0C&_origin=0&nsync=0&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

Request Chain 204

https://acuityplatform.com/Adserver/atds?getuserid=https://pixel.advertising.com/ups/55950/sync?uid=$UID&_origin=0 HTTP 302
https://pixel.advertising.com/ups/55950/sync?uid=502935200271 HTTP 302
https://ups.analytics.yahoo.com/ups/55950/sync?uid=502935200271&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

Request Chain 205

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62&verify=true HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/UP31c323dc-80f0-11ea-98a0-06d616349e62?gdpr=0&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-H1SYQ_d1lxk.50_H8TtENvREkKkFWlo5Pqsz&_origin=0&nsync=0 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-H1SYQ_d1lxk.50_H8TtENvREkKkFWlo5Pqsz&_origin=0&nsync=0&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

Request Chain 206

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_sc&_origin=0 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESEJfEG3AL8WNrZyR1LUwJ7HY&_origin=0&google_cver=1 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESEJfEG3AL8WNrZyR1LUwJ7HY&_origin=0&google_cver=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJfEG3AL8WNrZyR1LUwJ7HY&_origin=0&google_cver=1&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62 HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJfEG3AL8WNrZyR1LUwJ7HY&_origin=0&google_cver=1&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62&verify=true

Request Chain 208

https://bh.contextweb.com/visitormatch/prebid HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEEwnRBLzuVHcOl4BZIQTGug&google_cver=1

Request Chain 210

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62&verify=true HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/UP31c323dc-80f0-11ea-98a0-06d616349e62?gdpr=0&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-H1SYQ_d1lxk.50_H8TtENvREkKkFWlo5Pqsz&_origin=0&nsync=0 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-H1SYQ_d1lxk.50_H8TtENvREkKkFWlo5Pqsz&_origin=0&nsync=0&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

Request Chain 211

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_sc&_origin=0 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESEJfEG3AL8WNrZyR1LUwJ7HY&_origin=0&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJfEG3AL8WNrZyR1LUwJ7HY&_origin=0&google_cver=1&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

Request Chain 212

https://bh.contextweb.com/visitormatch/prebid HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEEwnRBLzuVHcOl4BZIQTGug&google_cver=1 HTTP 302
https://bh.contextweb.com/visitormatch/prebid?s=1587157970471&r=1&v=547259 HTTP 302
https://x.bidswitch.net/sync?ssp=pulsepoint HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pulsepoint HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpulsepoint%26bsw_param%3D56abd5f0-c4a3-4bda-95b8-e2e1118cd2c6 HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=89f77d0446a7471c9fa62c1b9fecf6f6&ssp=pulsepoint&bsw_param=56abd5f0-c4a3-4bda-95b8-e2e1118cd2c6 HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=56abd5f0-c4a3-4bda-95b8-e2e1118cd2c6

Request Chain 213

https://acuityplatform.com/Adserver/atds?getuserid=https://pixel.advertising.com/ups/55950/sync?uid=$UID&_origin=0 HTTP 302
https://pixel.advertising.com/ups/55950/sync?uid=502934686019 HTTP 302
https://ups.analytics.yahoo.com/ups/55950/sync?uid=502934686019&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

Request Chain 216

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_sc&_origin=0 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESEJfEG3AL8WNrZyR1LUwJ7HY&_origin=0&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJfEG3AL8WNrZyR1LUwJ7HY&_origin=0&google_cver=1&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

Request Chain 218

https://acuityplatform.com/Adserver/atds?getuserid=https://pixel.advertising.com/ups/55950/sync?uid=$UID&_origin=0 HTTP 302
https://pixel.advertising.com/ups/55950/sync?uid=502935200271 HTTP 302
https://ups.analytics.yahoo.com/ups/55950/sync?uid=502935200271&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

Request Chain 219

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/UP31c323dc-80f0-11ea-98a0-06d616349e62?gdpr=0&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-H1SYQ_d1lxk.50_H8TtENvREkKkFWlo5Pqsz&_origin=0&nsync=0 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-H1SYQ_d1lxk.50_H8TtENvREkKkFWlo5Pqsz&_origin=0&nsync=0&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

219 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.orlytaitzesq.com/
Redirect Chain

http://orlytaitzesq.com/
http://www.orlytaitzesq.com/

93 KB
94 KB

1085ms
805ms

Document
text/html

35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b1e975c1a03d8ddce0bb31ee3d31835504c836de50cb250735a832658fa07afd

Request headers

Host: www.orlytaitzesq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Fri, 17 Apr 2020 21:12:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <http://www.orlytaitzesq.com/wp-json/>; rel="https://api.w.org/"
alt-svc: quic=":443"; ma=86400; v="43,39"
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
X-Proxy-Cache: MISS

Redirect headers

Server: nginx
Date: Fri, 17 Apr 2020 21:12:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Redirect-By: WordPress
Location: http://www.orlytaitzesq.com/
alt-svc: quic=":443"; ma=86400; v="43,39"
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
X-Proxy-Cache: MISS

GET
H/1.1 200
OK style.min.css
www.orlytaitzesq.com/wp-includes/css/dist/block-library/ 25 KB
25 KB 277ms
266ms Stylesheet
text/css 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/wp-includes/css/dist/block-library/style.min.css?ver=5.1.4
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:45 GMT
Last-Modified: Fri, 19 Apr 2019 13:17:13 GMT
Server: nginx
ETag: "629a-586e1efe342af"
Content-Type: text/css
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 25242
X-Proxy-Cache: HIT

GET
H/1.1 200
OK si_captcha.js Show response
www.orlytaitzesq.com/wp-content/plugins/si-captcha-for-wordpress/captcha/ 685 B
1 KB 294ms
283ms Script
application/javascript 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/wp-content/plugins/si-captcha-for-wordpress/captcha/si_captcha.js?ver=1587157964
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c52d8ecaada50da7a9739ca285872b431fad51042eccf398e2c2ecad8013880b

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:45 GMT
Last-Modified: Tue, 06 Mar 2018 19:48:30 GMT
Server: nginx
ETag: "2ad-566c3ba12bf80"
Content-Type: application/javascript
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 685
X-Proxy-Cache: MISS

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.orlytaitzesq.com/wp-includes/js/ 12 KB
12 KB 139ms
139ms Script
application/javascript 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/wp-includes/js/wp-emoji-release.min.js?ver=5.1.4
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:45 GMT
Last-Modified: Fri, 19 Apr 2019 13:17:13 GMT
Server: nginx
ETag: "2f02-586e1efe2390e"
Content-Type: application/javascript
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 12034
X-Proxy-Cache: HIT

GET
H/1.1 200
OK gweiniClientV1.php Show response
s.gweini.com/ 8 KB
1 KB 266ms
232ms Script
text/html 52.44.122.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://s.gweini.com/gweiniClientV1.php?ClientID=PUB_ID&group=GPOrlyTaitz
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 52.44.122.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-122-222.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 070d4dea9892475272d9fa96611644f5cdb3abdc8bc1e5124e80ad7c8daca3ba

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:45 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Content-Length: 1140
Content-Type: text/html; charset=UTF-8

GET
H2

200

btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/
Redirect Chain

https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

3 KB
3 KB

63ms
20ms

Image
image/gif

151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

fbaa02863040d15c4410d572c4d213c2b8c75425279c5a01672c6ff86fd9d6c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:45 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 2425146
x-cache: HIT, HIT
status: 200
surrorage-key: /en_US/i/btn/btn_donateCC_LG.gif /en_US/i/btn/btn_donateCC_LG.gif /en_US/i/btn/btn_donateCC_LG.gif /en_US/i/btn/btn_donateCC_LG.gif /en_US/i/btn/btn_donateCC_LG.gif /en_US/i/btn/btn_donateCC_LG.gif /en_US/i/btn /en_US/i /en_US
content-length: 2993
x-served-by: cache-lax8624-LAX, cache-fra19170-FRA
last-modified: Fri, 16 Aug 2019 04:57:33 GMT
server: Apache
x-timer: S1587157966.747729,VS0,VE0
strict-transport-security: max-age=31557600
content-type: image/gif
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 1, 109094

Redirect headers

date: Fri, 17 Apr 2020 21:12:45 GMT
status: 301
strict-transport-security: max-age=63072000
location: https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: d087ff1c17560
dc: ccg11-origin-www-1.paypal.com
content-length: 0

GET
H2

200

pixel.gif
www.paypalobjects.com/en_US/i/scr/
Redirect Chain

https://www.paypal.com/en_US/i/scr/pixel.gif
https://www.paypalobjects.com/en_US/i/scr/pixel.gif

43 B
297 B

64ms
21ms

Image
image/gif

151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:45 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 2425152
x-cache: HIT, HIT
status: 200
surrorage-key: /en_US/i/scr/pixel.gif /en_US/i/scr/pixel.gif /en_US/i/scr/pixel.gif /en_US/i/scr/pixel.gif /en_US/i/scr/pixel.gif /en_US/i/scr/pixel.gif /en_US/i/scr /en_US/i /en_US
content-length: 43
x-served-by: cache-sjc10036-SJC, cache-fra19170-FRA
last-modified: Fri, 16 Aug 2019 04:57:34 GMT
server: Apache
x-timer: S1587157966.747713,VS0,VE0
strict-transport-security: max-age=31557600
content-type: image/gif
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 1, 239351

Redirect headers

date: Fri, 17 Apr 2020 21:12:45 GMT
status: 301
strict-transport-security: max-age=63072000
location: https://www.paypalobjects.com/en_US/i/scr/pixel.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: a9c2bbf2c52dc
dc: phx-origin-www-1.paypal.com
content-length: 0

GET
H/1.1 200
OK 1Apple3b.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/11/ 41 KB
42 KB 144ms
140ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/11/1Apple3b.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a3ef56776059c63a9cfc3942da96551853ab111d06ddb378a086c1ee77141283

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:45 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: nginx
ETag: "a4d6-4f5f40a459400"
Content-Type: image/jpeg
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 42198
X-Proxy-Cache: HIT

GET
H/1.1 200
OK 1Office4a.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/11/ 34 KB
34 KB 143ms
139ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/11/1Office4a.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1665506ab8c83c485ed0a0b961e152b4208458f871b04399ffc5018baf316200

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:45 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: nginx
ETag: "861a-4f5f40a459400"
Content-Type: image/jpeg
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 34330
X-Proxy-Cache: HIT

GET
H2 200 virus-outbreak-us-foreign-aid-april-15-2020-photo-president-donald-trump-speaks-coronavirus-ros-e1587143064108-420x315.jpg
media.breitbart.com/media/2020/04/wi/ap/16/ 16 KB
17 KB 77ms
30ms Image
image/jpeg 35.241.35.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.breitbart.com/media/2020/04/wi/ap/16/virus-outbreak-us-foreign-aid-april-15-2020-photo-president-donald-trump-speaks-coronavirus-ros-e1587143064108-420x315.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.35.213 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.35.241.35.bc.googleusercontent.com
Software: shield /
Resource Hash: bf205d34a16bdbd9ff54ad5c790d1facc2459b4c266a781a57a56638e0581dc4

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:45 GMT
via: 1.1 google, 1.1 google
last-modified: Fri, 17 Apr 2020 17:04:24 GMT
server: shield
etag: "5e99e198-41c7"
content-type: image/jpeg
status: 200
cache-control: max-age=31556926
x-shield-request-id: 45997e46686e3382181991f7816985f7
accept-ranges: bytes
alt-svc: clear, clear
content-length: 16839

GET
H2 200 kUuht00m_bigger.jpg
pbs.twimg.com/profile_images/874276197357596672/ 3 KB
3 KB 10ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/874276197357596672/kUuht00m_bigger.jpg

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41D7) /

Resource Hash

80889a64f5cfc1bc382757bc8d42b04dcdd4c288e5688ede09a23b5a8e634816

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:45 GMT
x-content-type-options: nosniff
age: 216261
x-cache: HIT
status: 200
content-length: 2973
x-response-time: 165
surrogate-key: profile_images profile_images/bucket/1 profile_images/874276197357596672
last-modified: Mon, 12 Jun 2017 14:42:23 GMT
server: ECS (fcn/41D7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 72734aa827f466aa207337e0a0e4fbcd
accept-ranges: bytes

GET
H2 200 Cuomo-Pass-the-Buck-CBS2-Screen-Image-04172020-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 11 KB
11 KB 503ms
479ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/Cuomo-Pass-the-Buck-CBS2-Screen-Image-04172020-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e9f66ff9e106c3ab0782c8b5ebf569631e62597d027bebd0d591454cad53c29

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:46 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=12142
status: 200
content-length: 11451
cf-request-id: 022b95b36700006347953c0200000001
last-modified: Fri, 17 Apr 2020 16:38:04 GMT
server: cloudflare
etag: "5e99db6c-2f6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 585925657ad06347-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 yorch20-1-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 10 KB
10 KB 495ms
472ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/yorch20-1-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96eb11bd76cb8bbb24bd9fa88918cf4560219cb559272260b26a82b6d10b4611

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:46 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=10550
status: 200
content-length: 10242
cf-request-id: 022b95b36700006347953c1200000001
last-modified: Fri, 17 Apr 2020 16:30:09 GMT
server: cloudflare
etag: "5e99d991-2936"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 585925657ad16347-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 jacksonville-beach-safe-to-use-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 11 KB
11 KB 496ms
473ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/jacksonville-beach-safe-to-use-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e74e5abcb034f8529abcf39a0a528bd736fba62bde748bdb16ea553f074a533d

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:46 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=12132
status: 200
content-length: 11312
cf-request-id: 022b95b36900006347953c5200000001
last-modified: Fri, 17 Apr 2020 18:36:12 GMT
server: cloudflare
etag: "5e99f71c-2f64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 585925657ad66347-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 IMG_9840-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 12 KB
12 KB 499ms
476ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/IMG_9840-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 234bac92bbba914fb29ed6a4e86e66fa59a3c8722767328f5a3725b744bbb4a3

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:46 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=12406
status: 200
content-length: 11962
cf-request-id: 022b95b36900006347953c3200000001
last-modified: Sat, 14 Mar 2020 17:50:52 GMT
server: cloudflare
etag: "5e6d197c-3076"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 585925657ad36347-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 pelosi-chocolate-americans-food-lines--360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 13 KB
13 KB 52ms
36ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/pelosi-chocolate-americans-food-lines--360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9a84792901579ce33cc43754c2dc48bacfeb709ea546eecc82a83fc400074b6

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:45 GMT
cf-cache-status: HIT
age: 1057
cf-polished: origSize=13530
status: 200
content-length: 12996
cf-request-id: 022b95b36900006347953c4200000001
last-modified: Fri, 17 Apr 2020 18:58:39 GMT
server: cloudflare
etag: "5e99fc5f-34da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 585925657ad46347-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 site-logo.gif
www.thegatewaypundit.com/wp-content/plugins/tgp-functionality/assets/images/ 2 KB
2 KB 49ms
34ms Image
image/gif 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/plugins/tgp-functionality/assets/images/site-logo.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b8955aa76e21bdffb131ac5ac86e83023b6b0e9065b8f53c5e4ec8eedc7dd57

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:45 GMT
cf-cache-status: HIT
age: 14
cf-polished: origSize=1556
status: 200
content-length: 1548
cf-request-id: 022b95b36700006347953c2200000001
last-modified: Mon, 30 Mar 2020 20:22:58 GMT
server: cloudflare
etag: "5e825522-614"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 585925657ad26347-FRA
cf-bgj: imgq:85

GET
H2 200 yorch20-3-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 11 KB
11 KB 472ms
471ms Image
image/jpeg 2606:4700:10::6816:555
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/yorch20-3-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79cacec47dc923547a440e99eb31552a23eb0cde9ba288957ff8762b47ac7c79

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:46 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=11601
status: 200
content-length: 11269
cf-request-id: 022b95b36c00006347953c7200000001
last-modified: Fri, 17 Apr 2020 17:27:11 GMT
server: cloudflare
etag: "5e99e6ef-2d51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 585925657add6347-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 comedycentral_thecolbertreport_0510103_v6_bigger.jpg
pbs.twimg.com/profile_images/633988514/ 16 KB
16 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/633988514/comedycentral_thecolbertreport_0510103_v6_bigger.jpg

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A3) /

Resource Hash

55dd134081762cd1177a66a82e74d7fccd238870f486f0a38ef7a4495166ace9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:45 GMT
x-content-type-options: nosniff
age: 302128
x-cache: HIT
status: 200
content-length: 16298
x-response-time: 125
surrogate-key: profile_images profile_images/bucket/7 profile_images/633988514
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (fcn/41A3)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5ca6f6b640577991d29344f636a23654
accept-ranges: bytes

GET
H/1.1 200
OK rss.png
www.orlytaitzesq.com/wp-includes/images/ 608 B
954 B 293ms
282ms Image
image/png 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-includes/images/rss.png
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:45 GMT
Last-Modified: Sun, 05 Jan 2014 06:00:00 GMT
Server: nginx
ETag: "260-4ef32da7ef800"
Content-Type: image/png
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 608
X-Proxy-Cache: HIT

GET
H2

200

add2netvibes.gif
www.netvibes.com/img/
Redirect Chain

http://www.netvibes.com/img/add2netvibes.gif
https://www.netvibes.com/img/add2netvibes.gif

832 B
965 B

122ms
33ms

Image
image/gif

193.189.143.34
TYPHON-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.netvibes.com/img/add2netvibes.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 193.189.143.34 Ankara, Turkey, ASN34948 (TYPHON-AS, FR),
Reverse DNS: www.netvibes.com
Software: nginx /
Resource Hash: 5bf4f0187f8b56b1ecd95eb89dc1cd74ce4c54c9abc47899b2eaa0370b5fff19

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:45 GMT
x-slb: slb5
last-modified: Fri, 03 Apr 2015 14:18:16 GMT
server: nginx
content-type: image/gif
status: 200
x-men: web5
accept-ranges: bytes
content-length: 832

Redirect headers

Location: https://www.netvibes.com/img/add2netvibes.gif
Date: Fri, 17 Apr 2020 21:12:45 GMT
X-slb: slb5
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK addtomyyahoo4.gif
us.i1.yimg.com/us.yimg.com/i/us/my/ 765 B
2 KB 307ms
22ms Image
image/gif 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software: ATS /
Resource Hash: e68b2d2efd1b7f25593795d295dece45a1f403e8768ca22a945114ca940c18e9

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Mar 2020 22:11:28 GMT
x-amz-meta-created-date: Wed, 14 Nov 2012 17:41:49 GMT
Age: 1983678
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1352914909579380
Connection: keep-alive
x-amz-request-id: E9F3533F23A0C7FE
x-amz-id-2: XdHq9QQVXTZdPYYZQguGRNGEWV7SoLU4oB3UHs6QkrLcugOaROa9ZKev3US2Veh33M5iNjAXlHo=
Accept-Ranges: bytes
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 17 May 2018 13:30:46 GMT
Server: ATS
ETag: "9652eeb62b03f1fbf4d358ea0ce13107"
Vary: Origin
Content-Type: image/gif
Cache-Control: public,max-age=315360000
Content-Length: 765
x-amz-meta-x-ysws-access: public
x-amz-meta-mbst-etag: "YM:1:a7bd8e41-25b9-44bf-917e-b7efec483bac0004ce780c98c874"
Expires: Sun, 14 May 2028 13:30:45 GMT

GET
H/1.1 200
OK add.gif
buttons.googlesyndication.com/fusion/ 2 KB
2 KB 20ms
14ms Image
image/gif 2a00:1450:4001:81b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buttons.googlesyndication.com/fusion/add.gif

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4ee009a24925f6617ea25066e34d260d1e5e22352183e261dd36961bb4dd35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Oct 2019 12:00:00 GMT
Server: sffe
Content-Type: image/gif
Cache-Control: private, max-age=31536000
Accept-Ranges: bytes
Content-Length: 2068
X-XSS-Protection: 0
Expires: Fri, 17 Apr 2020 21:12:45 GMT

GET
H/1.1 200
OK feedly.png
www.orlytaitzesq.com/wp-content/uploads/2013/05/ 2 KB
2 KB 276ms
265ms Image
image/png 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2013/05/feedly.png
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b73d4a41b76b1acc0796331a2630d5eef972a94183744384eb237161136945e9

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:45 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: nginx
ETag: "67e-4f5f40a459400"
Content-Type: image/png
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 1662
X-Proxy-Cache: HIT

GET
H/1.1 200
OK Petition2Congress_200px.png
www.orlytaitzesq.com/wp-content/uploads/2015/11/ 4 KB
5 KB 144ms
143ms Image
image/png 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2015/11/Petition2Congress_200px.png
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2f17ce8bab06450f044c8e5a7867bf0d05ec724fa0bfed2e633488d5633ba9d6

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:45 GMT
Last-Modified: Wed, 18 Nov 2015 19:28:43 GMT
Server: nginx
ETag: "11a9-524d5a676f0c0"
Content-Type: image/png
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 4521
X-Proxy-Cache: HIT

GET
H/1.1 200
OK WethePeople1.jpg
www.orlytaitzesq.com/wp-content/uploads/2013/06/ 25 KB
25 KB 140ms
140ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2013/06/WethePeople1.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 21c4026c2095492e493a113f1774b3a13cf30e19a93a3e346023aa498e750a53

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:45 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: nginx
ETag: "636c-4f5f40a459400"
Content-Type: image/jpeg
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 25452
X-Proxy-Cache: HIT

GET
H/1.1 200
OK Defend.jpeg
www.orlytaitzesq.com/wp-content/uploads/2013/10/ 2 KB
2 KB 140ms
138ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2013/10/Defend.jpeg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d9ab4d66d758c1c98f75d9a386e2efea59838d4ea0d6fc956c1bd7a3889159e2

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:46 GMT
Last-Modified: Mon, 28 Oct 2013 05:00:00 GMT
Server: nginx
ETag: "7a4-4e9c5f8de7400"
Content-Type: image/jpeg
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 1956
X-Proxy-Cache: HIT

GET
H/1.1 200
OK Ad-1.jpg
www.orlytaitzesq.com/wp-content/uploads/2013/02/ 44 KB
44 KB 140ms
139ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2013/02/Ad-1.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bb2282739e14d89938d9117cd4ab5bc9252e8f303ec91c8682956a72bb1128d7

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:46 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: nginx
ETag: "b03e-4f5f40a459400"
Content-Type: image/jpeg
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 45118
X-Proxy-Cache: HIT

GET
H/1.1 200
OK OrlyABC1.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/11/ 63 KB
63 KB 140ms
140ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/11/OrlyABC1.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 78e0412848a676ef0f690b7aa8b47f9ff01d023f0a11a7b6f56a738164399c86

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:46 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: nginx
ETag: "fc78-4f5f40a459400"
Content-Type: image/jpeg
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 64632
X-Proxy-Cache: HIT

GET
H/1.1 200
OK 281_DVD-3.jpg
www.orlytaitzesq.com/wp-content/uploads/2014/04/ 46 KB
46 KB 147ms
147ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2014/04/281_DVD-3.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1d68fb29bbb1da59354b9e0fe7639644a42e13d9e0381005f2b15f801916a24a

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:46 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: nginx
ETag: "b7b1-4f5f40a459400"
Content-Type: image/jpeg
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 47025
X-Proxy-Cache: HIT

GET
H/1.1 200
OK appealing-ad.jpg
www.orlytaitzesq.com/images/ 14 KB
15 KB 160ms
160ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/images/appealing-ad.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: dc8d52ba16a8441eeff66731ec05b9f0e3b7c72f323de71ba01af0e85d7360b5

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:46 GMT
Last-Modified: Sat, 17 Oct 2009 05:00:00 GMT
Server: nginx
ETag: "39ae-4761a62767400"
Content-Type: image/jpeg
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 14766
X-Proxy-Cache: MISS

GET
H/1.1 200
OK office-ad.jpg
www.orlytaitzesq.com/images/ 14 KB
14 KB 152ms
151ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/images/office-ad.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 42434e578691eac8c007f427b49b962990dd16f8a004acda3a7b2621ac5498d2

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:46 GMT
Last-Modified: Sat, 17 Oct 2009 05:00:00 GMT
Server: nginx
ETag: "37c3-4761a62767400"
Content-Type: image/jpeg
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 14275
X-Proxy-Cache: MISS

GET
H/1.1 200
OK fame-small.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/06/ 3 KB
4 KB 139ms
138ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/06/fame-small.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9754802a20e3f412075abbc5d8f1b794001b0cd8ac87441919231de900d818ea

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:46 GMT
Last-Modified: Thu, 30 Jun 2011 05:00:00 GMT
Server: nginx
ETag: "dca-4a6e6c5ea5400"
Content-Type: image/jpeg
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 3530
X-Proxy-Cache: HIT

GET
H/1.1 200
OK Obama-bumper-sticker-Thumbnail.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/06/ 13 KB
13 KB 155ms
154ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/06/Obama-bumper-sticker-Thumbnail.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 763fd8be27755874d97df36c07a55674d6ff6b14c4f206a281f7a4df597ca5da

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:46 GMT
Last-Modified: Tue, 07 Jun 2011 05:00:00 GMT
Server: nginx
ETag: "33d9-4a5181790b400"
Content-Type: image/jpeg
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 13273
X-Proxy-Cache: MISS

GET
H/1.1 200
OK Washington-America-Ad1.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/08/ 4 KB
4 KB 154ms
153ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/08/Washington-America-Ad1.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7fe5a0b02836ac823b358d3dc460a7c133fe356aa3db085d458a64afaf2cefd6

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:46 GMT
Last-Modified: Thu, 04 Aug 2011 05:00:00 GMT
Server: nginx
ETag: "e95-4a9a6da5c7400"
Content-Type: image/jpeg
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 3733
X-Proxy-Cache: MISS

GET
H/1.1 200
OK Orlypix1.jpg
www.orlytaitzesq.com/wp-content/uploads/2014/04/ 117 KB
118 KB 139ms
139ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2014/04/Orlypix1.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b1826a7019dde654654a9df41a108cc9b005cfe74a1f233e5517550e9be78201

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:46 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: nginx
ETag: "1d503-4f5f40a459400"
Content-Type: image/jpeg
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 120067
X-Proxy-Cache: HIT

GET
H/1.1 200
OK wp-embed.min.js Show response
www.orlytaitzesq.com/wp-includes/js/ 1 KB
2 KB 136ms
136ms Script
application/javascript 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/wp-includes/js/wp-embed.min.js?ver=5.1.4
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:45 GMT
Last-Modified: Thu, 13 Dec 2018 03:28:02 GMT
Server: nginx
ETag: "57b-57cdee6e67480"
Content-Type: application/javascript
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 1403
X-Proxy-Cache: HIT

GET
H/1.1 200
OK style.css
www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/ 13 KB
13 KB 140ms
140ms Stylesheet
text/css 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1d001ffd8d372613954fdc500d03d6e0c0149dad92455fbde0bb1ecb93f2702b

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:45 GMT
Last-Modified: Wed, 20 Jul 2016 17:35:21 GMT
Server: nginx
ETag: "3333-53814a0278840"
Content-Type: text/css
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 13107
X-Proxy-Cache: HIT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 3008
date: Fri, 17 Apr 2020 20:22:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 17168
expires: Fri, 17 Apr 2020 22:22:37 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 78ms
20ms Script
text/javascript 13.225.73.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.47 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 25 Mar 2020 08:17:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 2033718
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: _kJv9nAHfabzv3fVy-NkRvMricK7DS2VGL6ZiJELkYPxsECDn2Vb6w==

GET
H/1.1 200
OK gweiniV1_6_1.min.js Show response
fs.gweini.com/ 15 KB
16 KB 55ms
28ms Script
application/javascript 13.224.194.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://fs.gweini.com/gweiniV1_6_1.min.js
Requested by: Host: s.gweini.com
URL: http://s.gweini.com/gweiniClientV1.php?ClientID=PUB_ID&group=GPOrlyTaitz
Protocol: HTTP/1.1
Server: 13.224.194.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c60536e1387fd63f18755c87e9028bc138c1cb11fc77a64a159777aae49a12b5

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 06:17:05 GMT
Via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
Last-Modified: Tue, 28 Jan 2020 19:47:21 GMT
Server: AmazonS3
Age: 53741
ETag: "e7bb56484553f1223fea5d70ca7104f4"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 15682
X-Amz-Cf-Id: -Xsz-XI88pN16fbCq3xgtOxLmXeeHnZfWMxtFN0QSJaPYtK2Jdecsw==

GET
H/1.1 200
OK Masthead_Orly_960x244_DOFF.jpg
www.orlytaitzesq.com/wp-content/uploads/2016/06/ 52 KB
52 KB 137ms
136ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2016/06/Masthead_Orly_960x244_DOFF.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8bd58e04a6241a4b4e7af76e95b37e5903d0008f80ec81926b907eaa8550e458

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:45 GMT
Last-Modified: Sat, 11 Jun 2016 15:48:28 GMT
Server: nginx
ETag: "ce55-5350296194b00"
Content-Type: image/jpeg
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 52821
X-Proxy-Cache: HIT

GET
H/1.1 200
OK top.gif
www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/ 51 B
395 B 276ms
265ms Image
image/gif 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/top.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cec0576649667442f929687c183661c292799cb7f46b8e846f80ac0aed007d74

Request headers

Referer: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:45 GMT
Last-Modified: Wed, 11 Apr 2012 05:00:00 GMT
Server: nginx
ETag: "33-4bd601c879400"
Content-Type: image/gif
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 51
X-Proxy-Cache: HIT

GET
H/1.1 200
OK ul-bullet.gif
www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/ 140 B
486 B 159ms
159ms Image
image/gif 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/ul-bullet.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 87ecb1f5bf30a4f019788a64ac0bc004176a28a539eb37bef3db06e1e44e0351

Request headers

Referer: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:46 GMT
Last-Modified: Wed, 11 Apr 2012 05:00:00 GMT
Server: nginx
ETag: "8c-4bd601c879400"
Content-Type: image/gif
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 140
X-Proxy-Cache: MISS

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 65ms
53ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: deb392febab4850ea24bd8516eed1b897991977ad63904261b9ffb21ccc66a4b

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:45 GMT
Content-Encoding: gzip
X-Cache: HIT, HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 29121
X-Served-By: cache-bwi5126-BWI, cache-fra19173-FRA
Last-Modified: Tue, 07 Apr 2020 20:48:50 GMT
Etag: "bfee88d079c2668aea5525e2d719ba90+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
Accept-Ranges: bytes
TW-CDN: FT

GET
H2

200

OreNM9NDxlE
www.youtube.com/embed/ Frame FF80
Redirect Chain

http://www.youtube.com/embed/OreNM9NDxlE?rel=0
https://www.youtube.com/embed/OreNM9NDxlE?rel=0

0
0

148ms
148ms

Document
text/html

2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/OreNM9NDxlE?rel=0

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/OreNM9NDxlE?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
strict-transport-security: max-age=31536000
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
x-content-type-options: nosniff
expires: Tue, 27 Apr 1971 19:44:06 GMT
cache-control: no-cache
content-type: text/html; charset=utf-8
date: Fri, 17 Apr 2020 21:12:45 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=gRvOjKVYH8M; path=/; domain=.youtube.com; secure; expires=Wed, 14-Oct-2020 21:12:45 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Fri, 17-Apr-2020 21:42:45 GMT YSC=NoNxKrMiY6g; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=gRvOjKVYH8M; path=/; domain=.youtube.com; secure; expires=Wed, 14-Oct-2020 21:12:45 GMT; httponly; samesite=None
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

Redirect headers

Location: https://www.youtube.com/embed/OreNM9NDxlE?rel=0
Non-Authoritative-Reason: HSTS

GET
H2

200

948FBVCqTu4
www.youtube.com/embed/ Frame 3851
Redirect Chain

http://www.youtube.com/embed/948FBVCqTu4?rel=0
https://www.youtube.com/embed/948FBVCqTu4?rel=0

0
0

80ms
79ms

Document
text/html

2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/948FBVCqTu4?rel=0

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/948FBVCqTu4?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
cache-control: no-cache
content-type: text/html; charset=utf-8
content-encoding: br
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
x-content-type-options: nosniff
expires: Tue, 27 Apr 1971 19:44:06 GMT
date: Fri, 17 Apr 2020 21:12:45 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=At43o9FS79g; path=/; domain=.youtube.com; secure; expires=Wed, 14-Oct-2020 21:12:45 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Fri, 17-Apr-2020 21:42:45 GMT YSC=rZPuYZFhH4g; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=At43o9FS79g; path=/; domain=.youtube.com; secure; expires=Wed, 14-Oct-2020 21:12:45 GMT; httponly; samesite=None
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

Redirect headers

Location: https://www.youtube.com/embed/948FBVCqTu4?rel=0
Non-Authoritative-Reason: HSTS

GET
H/1.1 404
Not Found Cookie set /
www.petition2congress.com/9026/start-immediate-investigation-barack-obamas-use-forged-ids-ct-ssn/wt/ Frame 5E83 0
0 264ms
217ms Document
text/html 54.209.86.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.petition2congress.com/9026/start-immediate-investigation-barack-obamas-use-forged-ids-ct-ssn/wt/?src=widget
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 54.209.86.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-86-7.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Host: www.petition2congress.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.orlytaitzesq.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

Date: Fri, 17 Apr 2020 21:12:45 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 740
Connection: keep-alive
Set-Cookie: AWSALB=bdxv2Qu88z+cArWxicTqSarp5leRh4idbGpkEPTDE+BxreAccqGK7jYiL9BSHv8JQARFzirhmUpgQna5M2Og6xPgmZeeKcjLflabfvPbpUz2EPOzI/UMe6IYLyRI; Expires=Fri, 24 Apr 2020 21:12:45 GMT; Path=/ AWSALBCORS=bdxv2Qu88z+cArWxicTqSarp5leRh4idbGpkEPTDE+BxreAccqGK7jYiL9BSHv8JQARFzirhmUpgQna5M2Og6xPgmZeeKcjLflabfvPbpUz2EPOzI/UMe6IYLyRI; Expires=Fri, 24 Apr 2020 21:12:45 GMT; Path=/; SameSite=None
Server: Apache
Cache-Control: no-cache, private

GET
H/1.1 200
OK bullet.gif
www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/ 49 B
393 B 139ms
138ms Image
image/gif 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/bullet.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2ef3c331d5dd8cfd7cd4fa8afc1f482b8ba4a8e00a8e110ae7f70e0a6a8e5fe2

Request headers

Referer: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:46 GMT
Last-Modified: Wed, 11 Apr 2012 05:00:00 GMT
Server: nginx
ETag: "31-4bd601c879400"
Content-Type: image/gif
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 49
X-Proxy-Cache: HIT

GET
H/1.1 200
OK foot.gif
www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/ 50 B
394 B 149ms
149ms Image
image/gif 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/foot.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b664ef8817f547a6910ae600ea85db4bded2986e4f369f9b7ae5047a0cc81b51

Request headers

Referer: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:46 GMT
Last-Modified: Wed, 11 Apr 2012 05:00:00 GMT
Server: nginx
ETag: "32-4bd601c879400"
Content-Type: image/gif
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 50
X-Proxy-Cache: HIT

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1859932247&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1859932247&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...

35 B
101 B

13ms
12ms

Image
image/gif

2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1859932247&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=OrlyTaitzEsq.com&utmhid=1092082328&utmr=-&utmp=%2F&utmht=1587157965758&utmac=UA-38912701-1&utmcc=__utma%3D209516236.169382701.1587157966.1587157966.1587157966.1%3B%2B__utmz%3D209516236.1587157966.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=66007681&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1859932247&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=OrlyTaitzEsq.com&utmhid=1092082328&utmr=-&utmp=%2F&utmht=1587157965758&utmac=UA-38912701-1&utmcc=__utma%3D209516236.169382701.1587157966.1587157966.1587157966.1%3B%2B__utmz%3D209516236.1587157966.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=66007681&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame 54B8 8 KB
3 KB 334ms
258ms Script
text/html 40.84.148.247
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ads3.mthsense.com/RenderAd.aspx?id=727&width=728&height=90
Requested by: Host: fs.gweini.com
URL: http://fs.gweini.com/gweiniV1_6_1.min.js
Protocol: HTTP/1.1
Server: 40.84.148.247 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 28d76f867bf1d931ef2073f8b87f297cbfd2b4477258d67f029d7f3ba8bae58e

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:45 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 3031

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame 7204 8 KB
3 KB 334ms
261ms Script
text/html 40.84.148.247
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ads3.mthsense.com/RenderAd.aspx?id=732&width=300&height=250
Requested by: Host: fs.gweini.com
URL: http://fs.gweini.com/gweiniV1_6_1.min.js
Protocol: HTTP/1.1
Server: 40.84.148.247 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 37793007ece21aec21516a43c2dbee50c5a8223738edd30fc1c1cb0533a347e9

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:45 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 3034

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame 6B3A 8 KB
3 KB 336ms
265ms Script
text/html 40.84.148.247
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ads3.mthsense.com/RenderAd.aspx?id=733&width=300&height=250
Requested by: Host: fs.gweini.com
URL: http://fs.gweini.com/gweiniV1_6_1.min.js
Protocol: HTTP/1.1
Server: 40.84.148.247 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dde0677c0b0db11379d66827895724d5fb5b196ecb1dc01c0dcfd920e0db094b

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:45 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 3034

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame 67C2 8 KB
3 KB 335ms
267ms Script
text/html 40.84.148.247
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ads3.mthsense.com/RenderAd.aspx?id=729&width=728&height=90
Requested by: Host: fs.gweini.com
URL: http://fs.gweini.com/gweiniV1_6_1.min.js
Protocol: HTTP/1.1
Server: 40.84.148.247 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4fef72bbf954883510edf5344dda10f894f2a64cfdff4a3d037b2de76370c71a

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:45 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 3031

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
323 B 305ms
218ms Image
image/png 54.83.148.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.lanistaads.com/ServeAd?s=t&AdSize=728x90&SiteID=LCST0701ORLY7281&Zone=ATF&g=224
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 54.83.148.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-148-98.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 17 Apr 2020 21:12:45 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
transfer-encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
328 B 226ms
214ms Image
image/png 54.83.148.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=LCST0401ORLY3001&Zone=ATF&g=432
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 54.83.148.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-148-98.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 17 Apr 2020 21:12:45 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
transfer-encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
323 B 224ms
213ms Image
image/png 54.83.148.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=LCST0401ORLY3002&Zone=ATF&g=530
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 54.83.148.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-148-98.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 17 Apr 2020 21:12:45 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
transfer-encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
323 B 224ms
212ms Image
image/png 54.83.148.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.lanistaads.com/ServeAd?s=t&AdSize=728x90&SiteID=LCST0701ORLY7282&Zone=ATF&g=353
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 54.83.148.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-148-98.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 17 Apr 2020 21:12:45 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
transfer-encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
551 B 58ms
18ms Image
image/gif 13.225.73.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=OrlyTaitzEsq.com&time=1587157965859&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&random_number=20186247625&sess_cookie=40f7f71117189fc9c21e934f8fa&sess_cookie_flag=1&user_cookie=40f7f71117189fc9c21e934f8fa&user_cookie_flag=1&dynamic=true&domain=orlytaitzesq.com&account=FEYuj1aAkN00q1&jsv=20130128&user_lang=en-US
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.4 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-4.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 11:47:55 GMT
Via: 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 56367
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA2-C2
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: Ft4n4Dl-ZiGtN8p9zSRp4NICBzXQ2wpYIyt9HEu8c4ZnEqXbCIlBWw==

GET
H/1.1

200
OK

test.png
a6772d0ace1deed920aa421612ee2b7a2.profile.yto50-c1.cloudfront.net/
Redirect Chain

http://cloudfront-labs.amazonaws.com/x.png
http://a6772d0ace1deed920aa421612ee2b7a2.profile.yto50-c1.cloudfront.net/test.png

58 B
58 B

293ms
269ms

Image
text/plain

99.86.61.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a6772d0ace1deed920aa421612ee2b7a2.profile.yto50-c1.cloudfront.net/test.png
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 99.86.61.157 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-61-157.yto50.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:46 GMT
Via: 1.1 703b08cef218787c0412d1e05c5a7766.cloudfront.net (CloudFront)
Server: CloudFront
X-Cache: RoutingProfileExp from cloudfront
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 58
X-Amz-Cf-Id: -BRyvb8lLA-DQUQ90xXuXdPponzRrHzcMR3XGwKBXW1AwYclwTlpJw==
Expires: Fri, 17 Apr 2020 21:12:46 GMT

Redirect headers

Access-Control-Allow-Origin: *
Date: Fri, 17 Apr 2020 21:12:46 GMT
Server: Server
Content-Length: 0
Location: http://a6772d0ace1deed920aa421612ee2b7a2.profile.yto50-c1.cloudfront.net/test.png

GET
H/1.1 200
OK widget_iframe.6787510241df65d128e2b60207ad4c25.html
platform.twitter.com/widgets/ Frame D288 0
0 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.6787510241df65d128e2b60207ad4c25.html?origin=http%3A%2F%2Fwww.orlytaitzesq.com
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/419A) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 147469
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 17 Apr 2020 21:12:45 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Tue, 07 Apr 2020 20:47:48 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/419A)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5825

GET
H/1.1 200
OK button.93a0c25c2d2f3081c705c98c2d9dec0e.js Show response
platform.twitter.com/js/ 7 KB
3 KB 14ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.93a0c25c2d2f3081c705c98c2d9dec0e.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40DE) /
Resource Hash: cef013ba053c40f6bfa36baf6b11dca3426b1697bb52bec0902a4746f5f7d169

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Apr 2020 20:47:38 GMT
Server: ECS (fcn/40DE)
Age: 156839
Etag: "0745fc0bb127ba13d716d66761b4628d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 2298

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 2765 277 KB
277 KB 71ms
30ms Script
application/javascript 13.224.186.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: ads3.mthsense.com
URL: http://ads3.mthsense.com/RenderAd.aspx?id=727&width=728&height=90
Protocol: HTTP/1.1
Server: 13.224.186.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-46.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 06:23:12 GMT
Via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 53375
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: S0NxwzR7VuM7My9LYD1RHwIcpr0JbSmnFtWiLyVQpSrlsaMc63vGHQ==

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 2765 43 KB
14 KB 55ms
40ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab0dc6c4a4f355cf028114ff40468c515c964cc062789d234a2b7adf85d5ebb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "489 / 555 of 1000 / last-modified: 1587071041"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 14316
X-XSS-Protection: 0
Expires: Fri, 17 Apr 2020 21:12:46 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 5B4E 277 KB
277 KB 65ms
29ms Script
application/javascript 13.224.186.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: ads3.mthsense.com
URL: http://ads3.mthsense.com/RenderAd.aspx?id=732&width=300&height=250
Protocol: HTTP/1.1
Server: 13.224.186.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-46.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 06:23:12 GMT
Via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 53375
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: qcMZ6JVJx0ApyQHbZD7U8Kjam68J8EGpSV-OFcOVjAwJWzPjFJhUCw==

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 5B4E 43 KB
14 KB 59ms
52ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab0dc6c4a4f355cf028114ff40468c515c964cc062789d234a2b7adf85d5ebb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "489 / 599 of 1000 / last-modified: 1587071041"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 14316
X-XSS-Protection: 0
Expires: Fri, 17 Apr 2020 21:12:46 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 2338 277 KB
277 KB 57ms
29ms Script
application/javascript 13.224.186.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: ads3.mthsense.com
URL: http://ads3.mthsense.com/RenderAd.aspx?id=733&width=300&height=250
Protocol: HTTP/1.1
Server: 13.224.186.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-46.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 06:23:12 GMT
Via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 53375
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: _FqA2ItbgkRNVNOF36pAuFYpa7Fm9wsY19Tl7g3INdrJMfazZeTXsg==

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 2338 43 KB
14 KB 49ms
43ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce999c0ef4ea924d578a5c1fa8e4794fc521079e97a6df92c52b7de64043080e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "489 / 165 of 1000 / last-modified: 1587071041"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 14316
X-XSS-Protection: 0
Expires: Fri, 17 Apr 2020 21:12:46 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 120E 277 KB
277 KB 42ms
31ms Script
application/javascript 13.224.186.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: ads3.mthsense.com
URL: http://ads3.mthsense.com/RenderAd.aspx?id=729&width=728&height=90
Protocol: HTTP/1.1
Server: 13.224.186.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-46.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 06:23:12 GMT
Via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 53375
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: ZtKA3I75Jm-gEXohgX55472tnq8q4CvQfU4n4y73rEGv8rgUETlumw==

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 120E 43 KB
14 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3668f6bc8dd86f6690ad159eed9c3020cf6af81084e29712995005ecc7176aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "489 / 63 of 1000 / last-modified: 1587070946"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 14316
X-XSS-Protection: 0
Expires: Fri, 17 Apr 2020 21:12:46 GMT

GET
H/1.1 200
OK tweet_button.6787510241df65d128e2b60207ad4c25.en.html
platform.twitter.com/widgets/ Frame 14C4 0
0 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.6787510241df65d128e2b60207ad4c25.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40DE) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 156838
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 17 Apr 2020 21:12:46 GMT
Etag: "19c3039cfd5675cf5859e70ff1c2f6e3+gzip"
Last-Modified: Tue, 07 Apr 2020 20:47:45 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40DE)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12395

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 2765 109 B
171 B 34ms
20ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2765 109 B
171 B 78ms
63ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020041602.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2765 167 KB
62 KB 115ms
29ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

82bbd04adfca6dbbc54fbcff55f4db8bc1f66d7ccfe36820480be504d94d905d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Apr 2020 16:34:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62526
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:46 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5B4E 109 B
171 B 27ms
19ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5B4E 109 B
839 B 71ms
62ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020041602.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5B4E 167 KB
61 KB 119ms
39ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

82bbd04adfca6dbbc54fbcff55f4db8bc1f66d7ccfe36820480be504d94d905d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Apr 2020 16:34:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62526
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:46 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 2338 109 B
839 B 18ms
17ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2338 109 B
171 B 63ms
62ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020041603.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2338 167 KB
61 KB 116ms
44ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041603.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

02cc65e914695a06d3e7c03943861266dab81cbebc63263127eea6f72a201868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Apr 2020 18:07:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62523
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:46 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 120E 109 B
171 B 22ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 120E 109 B
171 B 21ms
14ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020040702.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 120E 167 KB
61 KB 61ms
53ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

740078cb1778d885689a3108d2ca696b01fd80cb73437528af4ed0dd6e7466b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Apr 2020 20:25:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62521
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:46 GMT

GET
H2

200

ADTECH;apid=1A2fccbbd6-80f0-11ea-a94c-121c10c2940c;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=137e84d3aadf984;misc=1587157966585;bidfloor=0.2 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ Frame 2765
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=137e84d3aadf984;misc=1587157966585;bidfloor=0.2;
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=137e84d3aadf984;misc=1587157966585;bidfloor=0.2
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=137e84d3aadf984;misc=1587157966585;bidflo...
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=137e84d3aadf984;misc=1587157966585;bidflo...
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;apid=1A2fccbbd6-80f0-11ea-a94c-121c10c2940c;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=137e84d3aadf984;misc=1587157966585;b...

2 KB
3 KB

204ms
204ms

XHR
application/json

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;apid=1A2fccbbd6-80f0-11ea-a94c-121c10c2940c;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=137e84d3aadf984;misc=1587157966585;bidfloor=0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 1ab644733c53d53711946a4aa2bb094963e3aaac41e0bd506fb65dd78e07afbe

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:47 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 2368
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:47 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;apid=1A2fccbbd6-80f0-11ea-a94c-121c10c2940c;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=137e84d3aadf984;misc=1587157966585;bidfloor=0.2
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 204 ortb Show response
bid.contextweb.com/header/ Frame 2765 0
373 B 140ms
49ms XHR
text/plain 74.214.194.134
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.134 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Apr 2020 21:12:46 GMT
server: envoy
status: 204
cwdl: 22/109
access-control-allow-origin: http://www.orlytaitzesq.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
cw-server: bid-deployment-6694f48bd6-mnb7g

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 2765 50 B
750 B 64ms
52ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

HTTP/1.1

Server

185.33.221.87 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 21:12:48 GMT
X-Proxy-Origin: 185.236.201.139; 185.236.201.139; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.235:80
AN-X-Request-Uuid: b36349db-d731-4a00-8c9b-634aa90d0457
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.orlytaitzesq.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 2765 237 B
2 KB 153ms
89ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588898&size_id=2&rf=http%3A%2F%2Fwww.orlytaitzesq.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=6f889824-a7aa-4608-8076-b30e36f7a770&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6157353825828087
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 22e611b88ea196c76a959f6c40bef620e5896ce086d6c3dd725bd1c995bca4f9

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 21:12:46 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://www.orlytaitzesq.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=441
Content-Length: 237
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 2765 0
119 B 92ms
29ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 17 Apr 2020 21:12:46 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: http://www.orlytaitzesq.com

POST
H2 204 ortb Show response
bid.contextweb.com/header/ Frame 2338 0
216 B 130ms
50ms XHR
text/plain 74.214.194.134
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.134 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Apr 2020 21:12:46 GMT
server: envoy
status: 204
cwdl: 22/109
access-control-allow-origin: http://www.orlytaitzesq.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
cw-server: bid-deployment-6694f48bd6-f2bbw

GET
H2

200

ADTECH;apid=1A2fcd60ea-80f0-11ea-8e66-1248c7260bf4;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=13cb28821f5c901;misc=1587157966600;bidfloor=0.4 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 2338
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13cb28821f5c901;misc=1587157966600;bidfloor=0.4;
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=13cb28821f5c901;misc=1587157966600;bidfloor=0.4
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=13cb28821f5c901;misc=1587157966600;bidflo...
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=13cb28821f5c901;misc=1587157966600;bidflo...
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A2fcd60ea-80f0-11ea-8e66-1248c7260bf4;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=13cb28821f5c901;misc=1587157966600;b...

2 KB
3 KB

186ms
186ms

XHR
application/json

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A2fcd60ea-80f0-11ea-8e66-1248c7260bf4;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=13cb28821f5c901;misc=1587157966600;bidfloor=0.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: a297f95ca519018f9036e57e16fc8b62020c5105c31c5e1eb9efd36562e11df3

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:47 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 2368
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:47 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A2fcd60ea-80f0-11ea-8e66-1248c7260bf4;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=13cb28821f5c901;misc=1587157966600;bidfloor=0.4
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 2338 234 B
2 KB 176ms
108ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=http%3A%2F%2Fwww.orlytaitzesq.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=6d09c33a-c9ca-4fba-9a7e-8bb1ea2dc863&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.49109210646903967
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: d8beb9eab20fb5d4148f1789817fe1d4b696cbb28f9ad3b3cf05aa32e05d7cc1

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 21:12:46 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://www.orlytaitzesq.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=116
Content-Length: 234
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 2338 0
63 B 84ms
29ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 17 Apr 2020 21:12:46 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: http://www.orlytaitzesq.com

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 2338 50 B
748 B 61ms
48ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

HTTP/1.1

Server

185.33.221.87 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 21:12:48 GMT
X-Proxy-Origin: 185.236.201.139; 185.236.201.139; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.5:80
AN-X-Request-Uuid: 386dd346-e514-4d51-985d-27f2cb4dee2a
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.orlytaitzesq.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 ortb Show response
bid.contextweb.com/header/ Frame 5B4E 0
213 B 122ms
51ms XHR
text/plain 74.214.194.134
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.134 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Apr 2020 21:12:46 GMT
server: envoy
status: 204
cwdl: 22/109
access-control-allow-origin: http://www.orlytaitzesq.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
cw-server: bid-deployment-6694f48bd6-hcvwz

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5B4E 50 B
750 B 68ms
54ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

HTTP/1.1

Server

185.33.221.87 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 21:12:48 GMT
X-Proxy-Origin: 185.236.201.139; 185.236.201.139; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.241:80
AN-X-Request-Uuid: 66c4de42-cdae-4523-8337-697cc925e0a8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.orlytaitzesq.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 5B4E 0
63 B 75ms
29ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 17 Apr 2020 21:12:46 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: http://www.orlytaitzesq.com

GET
H2

200

ADTECH;apid=1A2fcb4db4-80f0-11ea-8e83-121ea8d7377c;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=131b2953aa6285;misc=1587157966610;bidfloor=0.4 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 5B4E
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=131b2953aa6285;misc=1587157966610;bidfloor=0.4;
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=131b2953aa6285;misc=1587157966610;bidfloor=0.4
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=131b2953aa6285;misc=1587157966610;bidfloo...
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=131b2953aa6285;misc=1587157966610;bidfloo...
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A2fcb4db4-80f0-11ea-8e83-121ea8d7377c;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=131b2953aa6285;misc=1587157966610;bi...

2 KB
3 KB

180ms
180ms

XHR
application/json

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A2fcb4db4-80f0-11ea-8e83-121ea8d7377c;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=131b2953aa6285;misc=1587157966610;bidfloor=0.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 49dbb20c3a62235ce1eed68dd987db8b7a0740ae1d6b1f6e8f5a2260dd47d307

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:47 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 2367
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:47 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A2fcb4db4-80f0-11ea-8e83-121ea8d7377c;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=131b2953aa6285;misc=1587157966610;bidfloor=0.4
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 5B4E 234 B
2 KB 246ms
112ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=http%3A%2F%2Fwww.orlytaitzesq.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=393b60fb-4aca-4d8c-9ef1-f883e74b7fc3&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.32424889971340076
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 568181e67d9033b35fabdd43eb15a24505cdc108da8f946466a2dfcfbdfdd290

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 21:12:46 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://www.orlytaitzesq.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=328
Content-Length: 234
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
338 B 176ms
175ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.orlytaitzesq.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1587157966625%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a2aa63b%3A1586240908307%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 152
pragma: no-cache
last-modified: Fri, 17 Apr 2020 21:12:46 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f96e3ef91cd45bea738063e2db494294
x-transaction: 0048725a0037397c
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2

200

ADTECH;apid=1A2fcab44e-80f0-11ea-8f9f-12358a211a00;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=13aa6e1c8bad49d;misc=1587157966632;bidfloor=0.2 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ Frame 120E
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13aa6e1c8bad49d;misc=1587157966632;bidfloor=0.2;
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=13aa6e1c8bad49d;misc=1587157966632;bidfloor=0.2
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1587157965;v=2;cmd=bid;cors=yes;alias=13aa6e1c8bad49d;misc=1587157966632;bidflo...
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=13aa6e1c8bad49d;misc=1587157966632;bidflo...
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;apid=1A2fcab44e-80f0-11ea-8f9f-12358a211a00;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=13aa6e1c8bad49d;misc=1587157966632;b...

2 KB
3 KB

189ms
189ms

XHR
application/json

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;apid=1A2fcab44e-80f0-11ea-8f9f-12358a211a00;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=13aa6e1c8bad49d;misc=1587157966632;bidfloor=0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 29114bcf1bfa71c2d3ede4c9cff63bd68e0c4ea841f75e99dbc6131850be9a51

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:47 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 2367
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:47 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;apid=1A2fcab44e-80f0-11ea-8f9f-12358a211a00;cfp=1;rndc=1587157966;v=2;cmd=bid;cors=yes;alias=13aa6e1c8bad49d;misc=1587157966632;bidfloor=0.2
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 120E 50 B
749 B 37ms
31ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

HTTP/1.1

Server

185.33.221.87 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 21:12:48 GMT
X-Proxy-Origin: 185.236.201.139; 185.236.201.139; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.40:80
AN-X-Request-Uuid: 18af38f6-470d-4adb-9dee-7b73029c7c6d
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.orlytaitzesq.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 120E 237 B
2 KB 238ms
113ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588898&size_id=2&rf=http%3A%2F%2Fwww.orlytaitzesq.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=d8324abf-42fa-4a42-83b0-9f1986de8ce5&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6920564313008848
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 309c7ed889c1b81ec9982a66e8aaaebfcc618da0f71d7aeeb65983369a490392

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 21:12:46 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://www.orlytaitzesq.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=267
Content-Length: 237
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 ortb Show response
bid.contextweb.com/header/ Frame 120E 0
209 B 77ms
49ms XHR
text/plain 74.214.194.134
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.134 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Apr 2020 21:12:46 GMT
server: envoy
status: 204
cwdl: 22/109
access-control-allow-origin: http://www.orlytaitzesq.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
cw-server: bid-deployment-stage-0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 120E 0
63 B 33ms
29ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 17 Apr 2020 21:12:46 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: http://www.orlytaitzesq.com

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5B4E 14 KB
8 KB 312ms
312ms XHR
text/plain 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2421258828295556&correlator=827638624157978&output=ldjh&impl=fifs&adsid=NT&eid=21065890&vrg=2020041602&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200417&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DLCST0401ORLY3001__54%26passback_pb%3D0.40%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1587157967&dt=1587157967301&dlt=1587157966158&idt=529&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adxs=313&adys=483&adks=30620639&ucis=xhgnbbt4kfjv&ifi=1&ifk=1621562291&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ref=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=11&icsg=554&std=0&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=169382701.1587157966&ga_sid=1587157966&ga_hid=1789709493&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

b5ad47573428de06fa6e48cc5eeb5369a1021d5ad0648c44945ebeab05be9e81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 8443
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020041602.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5B4E 64 KB
23 KB 31ms
31ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

df255e2f7f9fd8c86ec6b227d9b3d2f8b3501188802e75a5009cbf9ba6f4eab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Apr 2020 16:34:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 23935
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:47 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 5B4E 0
0 18ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 120E 4 KB
2 KB 351ms
351ms XHR
text/plain 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=405650006823137&correlator=3877952237461694&output=ldjh&impl=fifs&adsid=NT&eid=21065202&vrg=2020040702&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200417&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=hb_name%3DLCST0701ORLY7282__54%26passback_pb%3D0.20%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1587157967&dt=1587157967318&dlt=1587157966168&idt=525&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adxs=429&adys=7575&adks=3698927989&ucis=j9i7dvs4sxo0&ifi=1&ifk=3718035668&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ref=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=11&icsg=554&std=0&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=169382701.1587157966&ga_sid=1587157966&ga_hid=806632249&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

d8f904cb07d25c24d591bf9dac925204753baebc5f95a065714e41ffe6cc40f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2301
x-xss-protection: 0
google-lineitem-id: 5218642977
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293814951
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020040702.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 120E 64 KB
23 KB 30ms
29ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

fb30d19bfdc58c092bdabad889657613116021c0d07e936fdb3e9e5dbd669872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Apr 2020 20:25:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 23928
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:47 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 120E 0
0 6ms
5ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2338 14 KB
8 KB 344ms
343ms XHR
text/plain 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1376125675315836&correlator=4357992903884494&output=ldjh&impl=fifs&adsid=NT&eid=21065894&vrg=2020041603&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200417&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DLCST0401ORLY3002__54%26passback_pb%3D0.40%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1587157967&dt=1587157967332&dlt=1587157966163&idt=498&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=2&adxs=973&adys=637&adks=31174620&ucis=4sfykmvj1gdy&ifi=1&ifk=1621562291&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ref=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=11&icsg=554&std=0&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=169382701.1587157966&ga_sid=1587157966&ga_hid=1449112923&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041603.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

a9b59c276e5d2fbbddb321a19a614fe4750b3706d6ec9c13d1a6e699acb13a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 8156
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020041603.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2338 64 KB
23 KB 30ms
29ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041603.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041603.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

fb30d19bfdc58c092bdabad889657613116021c0d07e936fdb3e9e5dbd669872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Apr 2020 18:07:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 23928
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:47 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 2338 0
0 6ms
5ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041603.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2765 4 KB
3 KB 218ms
217ms XHR
text/plain 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2782999999036372&correlator=2194493530423370&output=ldjh&impl=fifs&adsid=NT&eid=21065890&vrg=2020041602&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200417&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=hb_name%3DLCST0701ORLY7281__54%26passback_pb%3D0.20%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1587157967&dt=1587157967343&dlt=1587157966149&idt=526&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adxs=545&adys=16&adks=3753387349&ucis=11vbb7t4x4mq&ifi=1&ifk=3718035668&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ref=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=11&icsg=554&std=0&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=169382701.1587157966&ga_sid=1587157966&ga_hid=1203829799&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

cc5a1204bbda0642df2154189663725ab3bcce44b358a00659021b1502e60e80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2289
x-xss-protection: 0
google-lineitem-id: 5218642977
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293814429
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020041602.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2765 64 KB
23 KB 30ms
29ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

df255e2f7f9fd8c86ec6b227d9b3d2f8b3501188802e75a5009cbf9ba6f4eab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Apr 2020 16:34:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 23935
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:47 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 2765 0
0 6ms
5ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F07E 0
0 37ms
36ms Fetch
image/gif 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKW1YS-LRPekCrsindTEq7El503hGSR8tjxxHA3ZFIzldWtK8NknqYtAYpwkHg9ncV3ZdkrAV1_z-K0UV2I8Z99JlaVggXKoIxSAIn6A4Lswp5hxKJzTVFFHD592mCCvSB-zoaVkGyVpIwwuwm0GeFD44eRSnj-Aw6wGCSuGc029vJHrYHjgc4hGUpdf14pCq1I7qnzM2YafTyqry4uZxGVcJKwDSJYrXbVvIf3QqGmc7sUxQ6dHCdwWnbMl9VddZ6SD-eSqlIVutXaQFt-F1P&sig=Cg0ArKJSzEDChCaiysKxEAE&urlfix=1&adurl=

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:47 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F07E 43 KB
15 KB 29ms
28ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

d6c867845e5c8dc99717f8be1b2078a9de5d88951a099beb5b25d49ab96a8476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "489 / 323 of 1000 / last-modified: 1587071041"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14761
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:47 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame F07E 74 KB
28 KB 56ms
44ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b502dbf33a515f9b0fd2a857166c6bb00e41b8dfc07bfa8ef194224fd266b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28756
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:47 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2765 74 KB
28 KB 51ms
42ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2565892bc9a7c05ac215b1784631317b1c0a8c7a91986394662768a6d4dab1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28446
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:47 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2765 0
728 B 27ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=2782999999036372&r=728x90&w=728&h=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2765 7 KB
6 KB 29ms
16ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020041602&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a651bd634554e73a9c4c0125ba888d7ec2afe0c93c62ecdfed4b78c8adf99716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5127
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ Frame F07E 109 B
839 B 31ms
18ms Script
application/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame F07E 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020041604.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F07E 167 KB
61 KB 29ms
29ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041604.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

5394aa6963b40ee6aa87e794e555a588c398df4786a1ddf42d606fb1e7ea205e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Apr 2020 18:47:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62500
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:47 GMT

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2765 14 KB
6 KB 43ms
38ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1582746470043195"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 5456
X-XSS-Protection: 0
Expires: Fri, 17 Apr 2020 21:12:47 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 7D5F 0
0 6ms
5ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Thu, 16 Apr 2020 08:27:45 GMT
expires: Fri, 16 Apr 2021 08:27:45 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 132302
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B4E 74 KB
28 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2565892bc9a7c05ac215b1784631317b1c0a8c7a91986394662768a6d4dab1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28446
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:47 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5B4E 7 KB
5 KB 18ms
18ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020041602&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7de9b44cc24458620c89543fbadfbed0e3abe72d588fff945636c703563aca18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5163
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F07E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f1c13e5496da20c3b448674a24b70ec865b368323028b456f557d0f0d4baab6

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5B4E 14 KB
6 KB 59ms
56ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1582746470043195"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 5456
X-XSS-Protection: 0
Expires: Fri, 17 Apr 2020 21:12:47 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B9C9 0
0 30ms
28ms Fetch
image/gif 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJCLbXES1vv8cA8M15zhOwhnW-SZGRVYSWNMGwO_jNzVCPolUUN8ivna6aZovWaFrKJdVrFzo0rXwrqEVMHLNW733a9ht6qbhs8zDIUEVdwVX4Z1Nu5eh0fzYoHKcIqZ-Lw1LWRAmr_r2SJK73KuKy-c8CpVVPDCEWiCf2P3_gk7bdNNeOr5oaEv8Dnew_pCf1zisIPlggOuyrdmWI06wZLZH86cunjwaU-BWcYL4hfkwv8hYmelG581NbXI8CL_tmEgBiYUMTbHn_jhnf5Kp4&sig=Cg0ArKJSzKct2Kiq8HWvEAE&urlfix=1&adurl=

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:47 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B9C9 43 KB
14 KB 30ms
28ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

d37bdc112f836ff1b1f7447b5d0550c9fe43af8124dc783b6235290175103c35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "489 / 344 of 1000 / last-modified: 1587071041"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14315
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:47 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B9C9 74 KB
28 KB 100ms
98ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b502dbf33a515f9b0fd2a857166c6bb00e41b8dfc07bfa8ef194224fd266b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28756
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:47 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 120E 74 KB
28 KB 99ms
97ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2565892bc9a7c05ac215b1784631317b1c0a8c7a91986394662768a6d4dab1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28446
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:47 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 120E 7 KB
5 KB 19ms
17ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020040702&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25388a19437615faf2c2531ec3b7a156ec4a45a08bb6d63ad57f1f51fdb3e382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5314
x-xss-protection: 0

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame C3C1 0
0 5ms
5ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041603.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Thu, 16 Apr 2020 08:27:45 GMT
expires: Fri, 16 Apr 2021 08:27:45 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 132302
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2338 74 KB
28 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041603.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2565892bc9a7c05ac215b1784631317b1c0a8c7a91986394662768a6d4dab1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28446
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:47 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2338 7 KB
5 KB 16ms
16ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020041603&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041603.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa9776c6408b4648ac5339406c229a54fccda3f0ad6c83b2f60598e39d5269b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5137
x-xss-protection: 0

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 9767 0
0 6ms
5ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 17 Apr 2020 20:48:17 GMT
expires: Sat, 17 Apr 2021 20:48:17 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1470
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F07E 4 KB
2 KB 194ms
193ms XHR
text/plain 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4465315131212908&correlator=200552857940996&output=ldjh&impl=fifs&adsid=NT&eid=21065900&vrg=2020041604&guci=2.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200417&iu_parts=22803534%2CHB_DEFAULT_ADUNIT_PB&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3D8de0e54759068ab7%3AT%3D1587157967%3AS%3DALNI_MYmsN-S04praLkcsLLyEeKK0LNjSw&cdm=www.orlytaitzesq.com&bc=23&abxe=1&lmt=1587157967&dt=1587157967854&dlt=1587157967576&idt=201&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adxs=545&adys=16&adks=3312051823&ucis=ye39yodwo6v5&ifi=1&ifk=3627238188&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&iag=63&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=12&icsg=682&std=0&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=169382701.1587157966&ga_sid=1587157966&ga_hid=198699535&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041604.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

96506a2ab9dc27a831761a4aeee4bbe5d94c738db692ecd8059e7b58ff537fa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1974
x-xss-protection: 0
google-lineitem-id: 4666443339
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138232667216
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020041604.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F07E 66 KB
24 KB 87ms
87ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041604.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041604.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

45ef6e598688d2299eb20a5386b93438fb57ca8d79f7c20c30a1120335e67f30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Apr 2020 18:47:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 24853
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:47 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame F07E 0
0 6ms
5ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041604.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 120E 14 KB
6 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1582746470043195"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 5456
X-XSS-Protection: 0
Expires: Fri, 17 Apr 2020 21:12:47 GMT

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2338 14 KB
6 KB 77ms
72ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041603.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1582746470043195"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 5456
X-XSS-Protection: 0
Expires: Fri, 17 Apr 2020 21:12:47 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame C899 0
0 6ms
5ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 17 Apr 2020 20:48:17 GMT
expires: Sat, 17 Apr 2021 20:48:17 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1470
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame B9C9 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88dbfc208a3c35d554206e25087e85e57e6f437bacc6af89790e94220da8293a

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ Frame B9C9 109 B
171 B 22ms
14ms Script
application/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B9C9 109 B
171 B 23ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020041603.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B9C9 167 KB
61 KB 98ms
91ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041603.js?21065899

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

02cc65e914695a06d3e7c03943861266dab81cbebc63263127eea6f72a201868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Apr 2020 18:07:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62523
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:47 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 36BF 0
0 6ms
5ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 17 Apr 2020 20:48:17 GMT
expires: Sat, 17 Apr 2021 20:48:17 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1470
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 1B71 0
0 6ms
5ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 17 Apr 2020 20:48:17 GMT
expires: Sat, 17 Apr 2021 20:48:17 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1470
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0F1E 0
0 79ms
71ms Fetch
image/gif 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFGjw2jLV2qM-Gvgiz96YSRkV2N5NG3scD697Po_9YEX0qcV4NdHQ51vXa7xVye0peMhNuPancXYgGFoWd2-gH8YomxQPTxOVGmR8pKrfi5CoXKpZUKNTb5wf7PF427UB3keNTsenu5CgCpYVQvFEeJz6pOzaV-fvnN1YRJZ9QhXROot4Mp-A_mxN6Y2EQW7JtK9I4l-S8T4qDFA5sJPe6EMPmRQ8ySBgc4DTWNRHQXyfvFoDdeedDHZBVM5voIjST3wkwmXqwypHQEML_5dFDhtM&sig=Cg0ArKJSzE_Azyook27UEAE&urlfix=1&adurl=

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:48 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 0F1E 81 KB
30 KB 78ms
66ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041604.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e97da01252a9a1adb85584de988e57bd36ec3b45b95b72fe85c5a101fcb6099f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 17 Apr 2020 21:12:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 14933073036676509135
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 30321
X-XSS-Protection: 0
Expires: Fri, 17 Apr 2020 21:12:48 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0F1E 74 KB
28 KB 79ms
71ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041604.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b502dbf33a515f9b0fd2a857166c6bb00e41b8dfc07bfa8ef194224fd266b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28756
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:48 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame F07E 74 KB
28 KB 76ms
72ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041604.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2565892bc9a7c05ac215b1784631317b1c0a8c7a91986394662768a6d4dab1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28446
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:48 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F07E 7 KB
5 KB 73ms
69ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020041604&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041604.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

145cd8de34183b13220094d51b72d14a9e47913a5103096a452fe643d9193ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5198
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B9C9 4 KB
2 KB 197ms
197ms XHR
text/plain 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=613638523072722&correlator=295208560811154&output=ldjh&impl=fifs&adsid=NT&eid=21065646%2C21065899&vrg=2020041603&guci=2.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200417&iu_parts=22803534%2CHB_DEFAULT_ADUNIT_PB&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3D8de0e54759068ab7%3AT%3D1587157967%3AS%3DALNI_MYmsN-S04praLkcsLLyEeKK0LNjSw&cdm=www.orlytaitzesq.com&bc=23&abxe=1&lmt=1587157968&dt=1587157968160&dlt=1587157967717&idt=371&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adxs=429&adys=7575&adks=3312051823&ucis=v1pmd49xl691&ifi=1&ifk=3627238188&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&iag=63&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=12&icsg=682&std=0&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=169382701.1587157966&ga_sid=1587157966&ga_hid=1986508287&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041603.js?21065899

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

9471ab0d40631c07cffea497a5091058b386ef5e83eca75a878c4ace3467735c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1973
x-xss-protection: 0
google-lineitem-id: 4666443339
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138232667201
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020041603.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B9C9 64 KB
23 KB 26ms
26ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041603.js?21065899

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041603.js?21065899

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

fb30d19bfdc58c092bdabad889657613116021c0d07e936fdb3e9e5dbd669872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Apr 2020 18:07:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 23928
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:48 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame B9C9 0
0 6ms
5ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041603.js?21065899
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F07E 14 KB
6 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041604.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1582746470043195"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 5456
X-XSS-Protection: 0
Expires: Fri, 17 Apr 2020 21:12:48 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0F1E 109 B
171 B 69ms
68ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0F1E 109 B
171 B 67ms
67ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/ Frame 0F1E 216 KB
81 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c87169546ac06464ec623c994f762ed646d22a821568fdd4d6b78da21a72d92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 83122
x-xss-protection: 0
server: cafe
etag: 9756899714300984333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Apr 2020 21:12:48 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200413/r20190131/ Frame A2AC 0
0 12ms
5ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200413/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200413/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnLOk2aqhOoPcyEU8-u2T6EgDnXeUX42e5863S48067aPNN7l_DOBtJAgo0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 14 Apr 2020 02:35:42 GMT
expires: Tue, 28 Apr 2020 02:35:42 GMT
content-type: text/html; charset=UTF-8
etag: 1284906565632978074
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4913
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 326226
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame 0F1E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e5d91ca59abaf6e098772bb3cbcd46e5aa637c686d367a91706f222aeffc44f

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 38F5 0
0 6ms
5ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 17 Apr 2020 20:48:17 GMT
expires: Sat, 17 Apr 2021 20:48:17 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1471
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H/1.1

200
OK

728.htm
d2tbmvllb55wxq.cloudfront.net/psa/ Frame EEF5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9339919749774457&output=html&h=90&slotname=9866181553&adk=2660574010&adf=702193763&w=728&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.orlyt...
https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm

0
0

128ms
32ms

Document
text/html

13.224.186.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.186.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-46.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Host: d2tbmvllb55wxq.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

Content-Type: text/html
Content-Length: 158
Connection: keep-alive
Last-Modified: Tue, 24 Oct 2017 16:46:17 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 17 Apr 2020 09:51:05 GMT
ETag: "ad7b75065ec6b24a73a254d232ead673"
X-Cache: Hit from cloudfront
Via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: y-YcldmoamO2KyEB6X69ehnc75qxawSxEPMv8hyau3FDW893mjJliw==
Age: 40904

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 17 Apr 2020 21:12:48 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0F1E 74 KB
28 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2565892bc9a7c05ac215b1784631317b1c0a8c7a91986394662768a6d4dab1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28446
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:48 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame ACB5 0
0 60ms
59ms Fetch
image/gif 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9F3rjauI8rVK1rVSjVjbjMz2-R9Jk-7L1NJcnrfanhezYdowDv0PYP6LJ--qyHLUtL74dHTXcZfivD_QE53kQHrmK-KjPhT5Sz4Vd8aOIKlznl9rU_hmcfgXmOB6xkbS935cENGgbTAKucATKRnNanAZmsPA-9VpNmAi8WJXRaUg04gTYba-ef_g5-VvdYh0MAPTjezl59z9pqqulXDS2samujVNwXsTG2bqT7_BeJDS_SsecfJ5ieoTPplWb_lBcfDw-onmo_P0HWRMjy17ouHI&sig=Cg0ArKJSzKSgQNvGsSREEAE&urlfix=1&adurl=

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:48 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame ACB5 81 KB
30 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041603.js?21065899

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4922c3415af9c43a8220c2193ba9d52d63e0c3f47389ffb09472e82e3ce4affb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 17 Apr 2020 21:12:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 9228221829246586165
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 30318
X-XSS-Protection: 0
Expires: Fri, 17 Apr 2020 21:12:48 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame ACB5 74 KB
28 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041603.js?21065899

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b502dbf33a515f9b0fd2a857166c6bb00e41b8dfc07bfa8ef194224fd266b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28756
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:48 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B9C9 74 KB
28 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041603.js?21065899

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2565892bc9a7c05ac215b1784631317b1c0a8c7a91986394662768a6d4dab1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28446
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:48 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B9C9 7 KB
5 KB 55ms
55ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020041603&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041603.js?21065899

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cf1dd8c2d40c35c5b6bacb66d6d38e832610ddcefb16b396d19725abfb9c832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5117
x-xss-protection: 0

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B9C9 14 KB
6 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041603.js?21065899

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1582746470043195"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 5456
X-XSS-Protection: 0
Expires: Fri, 17 Apr 2020 21:12:48 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame ACB5 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame ACB5 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/ Frame ACB5 216 KB
81 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c87169546ac06464ec623c994f762ed646d22a821568fdd4d6b78da21a72d92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 83122
x-xss-protection: 0
server: cafe
etag: 9756899714300984333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Apr 2020 21:12:48 GMT

GET
DATA 200
OK truncated
/ Frame ACB5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21c473d1aff0116debda8658947e28b889c21d273d6d3546b659cfa75680d747

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame A17B 0
0 5ms
5ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 17 Apr 2020 20:48:17 GMT
expires: Sat, 17 Apr 2021 20:48:17 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1471
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H/1.1

200
OK

728.htm
d2tbmvllb55wxq.cloudfront.net/psa/ Frame 3BBD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9339919749774457&output=html&h=90&slotname=9866181553&adk=2660574010&adf=702193766&w=728&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.orlyt...
https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm

0
0

20ms
18ms

Document
text/html

13.224.186.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.186.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-46.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Host: d2tbmvllb55wxq.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

Content-Type: text/html
Content-Length: 158
Connection: keep-alive
Last-Modified: Tue, 24 Oct 2017 16:46:17 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 17 Apr 2020 09:51:05 GMT
ETag: "ad7b75065ec6b24a73a254d232ead673"
X-Cache: Hit from cloudfront
Via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: UvQicNFsSe9PX5jPEuwT9TX2j0pWABN68wHEh4UIwh0sbA9snhKAhA==
Age: 40904

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 17 Apr 2020 21:12:48 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame ACB5 74 KB
28 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2565892bc9a7c05ac215b1784631317b1c0a8c7a91986394662768a6d4dab1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 21:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28446
x-xss-protection: 0
expires: Fri, 17 Apr 2020 21:12:48 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0F1E 7 KB
5 KB 19ms
17ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200413&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ddd31fda18372791bf0414c6078e57304a11fdde6155b50b5716affd3278bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5169
x-xss-protection: 0

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0F1E 14 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1582746470043195"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 5456
X-XSS-Protection: 0
Expires: Fri, 17 Apr 2020 21:12:48 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame ACB5 7 KB
5 KB 61ms
61ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200413&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43b6c47efc4f5674a51b4c01492c3c012a9da7db4565dc669b85518d05db11a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 21:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5195
x-xss-protection: 0

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F07E 42 B
112 B 65ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucG-BRpAhFcPIlciAMBklVVUBbbSiS47Bdmv0kJo0sh3rIZVWXdQh2czA_GY5FJ4Yxp36SYaTtg-2FBfCEC7G3jxwFcVS-Xn6U3ojWv5k&sig=Cg0ArKJSzAAQPnu4buDwEAE&adk=3753387349&tt=-1&bs=1585%2C1200&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&p=0,0,90,728&mcvt=1017&rs=0&ht=0&tfs=209&tls=1236&mc=1&lte=0&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1587157967580&dlt&rpt=122&isd=0&msd&ext&xdi=0&ps=1585%2C7716&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-10-4-9-9-0-0-0&tvt=1233&is=728%2C90&iframe_loc=http%3A%2F%2Fwww.orlytaitzesq.com%2F&r=v&id=osdim&vs=4&uc=10&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame B697 0
0 84ms
83ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 17 Apr 2020 20:48:17 GMT
expires: Sat, 17 Apr 2021 20:48:17 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1471
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame ACB5 14 KB
6 KB 92ms
90ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1582746470043195"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 5456
X-XSS-Protection: 0
Expires: Fri, 17 Apr 2020 21:12:48 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 5740 0
0 6ms
5ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 17 Apr 2020 20:48:17 GMT
expires: Sat, 17 Apr 2021 20:48:17 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1472
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0F1E 42 B
110 B 15ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstedgf9YxqU9hDVmcLMZtnI47eq_Zg6cz1slud4P5fGpO2r_WQgdwPvQyhAzbAjpQY_d7hQGMSTiwO9eNNB0lwLKHA3Exs934Rr_omgFk8&sig=Cg0ArKJSzAGdgtFFAjQEEAE&adk=3312051823&tt=-1&bs=1585%2C1200&mtos=1061,1061,1061,1061,1061&tos=1061,0,0,0,0&p=0,0,90,728&mcvt=1061&rs=0&ht=0&tfs=302&tls=1291&mc=1&lte=0&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1587157968074&dlt&rpt=680&isd=0&msd&ext&xdi=0&ps=1585%2C7716&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-10-2-9-9-0-0-0&tvt=1291&is=728%2C90&iframe_loc=http%3A%2F%2Fwww.orlytaitzesq.com%2F&r=v&id=osdim&vs=4&uc=10&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2765 0
58 B 15ms
15ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020041602&jk=2782999999036372&bg=!5-Sl5PxYPPyUgW_lEY8CAAAFw1IAAABCmQGZVCSbyKeoJSWcJpZsSMFvgXVovpQvNeDkmgNbX9_JaQLx0xA36kD46svXJn6WC0JOBnDVF_OI2nxVUYjXueYQvXYmeYOWZ4Ux977MGSW2ANnq_XjfBBCRp_ydgpXzAv54dzm7qOwUdPqzTq-i4OmuR6EM33_JrQV_bvNyeOSLOzal3hF-YRXacWLCw21ig-l8TlCofhB_9GdEseFtXFe_sjRCth2ZDH4DGYIkJF2Znhfwo5dYkGKEpn-K0s5j6g6s_N82j0hgB2eiVSxrnMTR2cNrxGH2TtTCCqwyO4XhRc4hXVSvBlldojgyb2-cDw96AP0biQ-WegcalAqhGP2aQPhff6w1Y384_4zZ8tn7BldQ_g8gJp6MJp_xs5WVcBWpGrImy5GcXHlpQRiTKJBb790Y80OyvR6pnp0KS6krXL5E6nsnsvvmil7omr7memHGs8eLG5qvlEkqnKJHI8lICR5vc26Cw2d3OGvHenZUMWjdDN9yVILfxdXqgH4UBjVvPmW-jvpDj34-netUvP75t5DfWtE--abxZQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B4E 0
49 B 15ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020041602&jk=2421258828295556&bg=!dHeld29Yc-iwnAc84-QCAAAE-FIAAAAlmQGZAWN1nEc3fhtO1gYHIJJbeRwdP3pRw3QPYMxDrg-yWG_L2DlGZ9Mu3zwwS3_IyxWkjRec1lvMca6Yst7kk7bc40cDMxiwvcVN1cp_CTmF33SibYn6P9Kmc_NF8xofYauydWDEBjUFP2-CSraXm2ypYUhr8g0VTUaAHh5-55pAMBcW5jSj1GrxSpYE8B9IVWri4mjJFJYQv-OLqPeN6lAWiUyiDXYwGIAt2e_FiIofpDXlgng3A5WMx_TvuHaSohVOJCVQyG7twbz5-9YjoE7nhp6AyB29H2BUwVTE7eKBoI4ZsiUOcd-hAfFWQKcytKaNkVzbDUBmCqnGeRCq42ypZTwxNSin55fgkRPKBzikXFdQT9oJMtkH3lnNh9NYJlvKGORjCvsSX1Q6muOTvxAFaUznMnOiIhQ2b6MECPHnlBCT3KBf5Id7qNnD7GNxYj_rHEoUTXyIS25pE-d2YUT1e0AQKR_-yy-liEwJWg2lXR4PbzahQK1fYfLvSmcivoFu0GsAioPrEIMZiB1sye1MEJ1HrgOvQ-V-Ww

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 120E 0
58 B 14ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020040702&jk=405650006823137&bg=!4eKl4vpY6_ApblpQKkwCAAAEqlIAAAAnmQGZzgPZJ8YKF9jjj7frCqxPKPgdHB767a_yb909uAYLb_2nMoDJAf8fIvd0fHm-4t3h6hJwFG0I72GKjH2bvRqe6gnbM4kN8IRZAAEgBmUx-WGWRbTDCLT34tDAWxeXVsS9irctlW3mJg8pBtJOPIwtPqmRiS081FeOKjRL7nwizjHUFieu7_MQlDT2Zcpbb1aw3JoLbrzFn0EhBdMkc62Vnfxx2ebyEmT6JfPvSm67qchySOrASl78rMJa3rEUOa0WZX2JlfREVzZ_3jzYgD50C9_Hhe1OgJd5bnuvmPVnW2lHHzbkD3ZF59cDrFyvq8lJVocRtwt2adl1dyrssWpvfW-roVnJ981DSiR9d1c91YBcfPpbTRu7zPSOuk2PScSWLla-k9fbNwQH8Oqfwb82pURePfH89JM2Y3e-HGgI51zFPt8QX3ZAcSu47S9O6p9l5sih_4FtRfGfJ4sYNF1iBFF6M3w_rPg5R3r-hVy79_nVh83i_cvEUMZCfs08t2-OAA4yjtC1vGHOi1hZ4nFAB0QZMDj5jJp2YA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2338 0
58 B 39ms
38ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020041603&jk=1376125675315836&bg=!aWqlanJYkq34eVT8Ac4CAAAEolIAAAAqmQGZOSfD6T6-MlP8qT8RmWxU-COlziz_QDk4VvmZapahR7nvlP9VSY-8tewQmMjghbVaWRLmPWEkeHfza-ZQms_QYkYdaOYVP3ApT-uegFqlitwe3zROR33uDpdYrRoqEEdyIrqheTrk4dxme8t8H_UuKmET1z_yWJbwrYQmaOH2L-u2Z4z-iFQ5F5-thRrr65iQBnaBPyYhkQgfCkOeZudAKfdFuGFRpScC-imkApKZsawSkmpNHitYsQxL0e1YYPDcZopoEZc1V7LmYcKM8uvsSXJJqyre3WxJZb3HpFi5xY0a5PhpZm8t7nuqPRkRMW6TNvTtJq9HsSTA4T1yjYLDnrYK95B1RxsAo-lljIsUMIhQej1wir68KcNZRnr0Dl0Lc6XRc2TumVms0E3RHmNb3r7c9zR80eWmGc7yqidNhPLw2yC1bwKmDKlQPxoSD7PChCIMgEp6KGVBcPFv5HiKhX2agaUVqrrjt8N2MJxeB-N3_TKXqpbNOujEK2yYVPx8vi8qqwYXqnLVc0smEn64mwpowXcDQ45J1Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F07E 0
58 B 14ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020041604&jk=4465315131212908&bg=!R0SlRFxYF2j4sKSpbpQCAAAA0lIAAAAdmQGfOURMDJmPZ9oHr-PkGKYxJO6i2LagzYxMq-fCuyPnHNtpmObIQaAB6Y9FakGvzmcOW4HjiGdbU8c1jv90PJ1mOLZticFWKhZYPkCR1nKqSo4xt4QUhm71C9FzvAWsVMERLwW7sdNxEY1VT0Iu5HITxEc5HTeRDz9p0m8shtBG45Rr_LjMDLSBcuPu01n2_m8DRr8i0JjRdfD-nVreuFvQtYs-jh5k8d7DWr7hgbICBff3CaZAsOP82H0FaRl8iffokQhRDsnzTu-mmuAjkXnpO8gp6xvHFgvxJNpu1mQSsuzKYw0smfkePyUmC0-Q49tqa46Z1t0EO4jElYwfVabG56kkoYZXyYpKSgy1lcacUFgoN_NBVgOoVNA3Stea81EBxm2NKkQQgcJ1YP3Ljt25ABBqYOLC_TmNnQCANEhAkt8Bv8BS4yRUkI_uIksboeJ1ckMyLAKsMvfR4ecntkszzcdHImIE6qsBBhHMzllP495Cw7iv9-4WUkartEpWheI7cDN8qzo-bTC-o0723UFZudoOInyhMTKeiukVcKsxxQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B9C9 0
58 B 14ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020041603&jk=613638523072722&bg=!CAulCxNYULOLqqHArv4CAAAArFIAAAAgmQGf5g4mKW375h9iguVfbCRcvMdTofbJ3Uo1REKS2kY4JCQsHN9Q39LgAK3vGDs5Zi8arTFm0Oh_q08KjzIc7xeHLFl3t6wB2k1rIoh23IzCMqL2Dj9mLE8qjZ9qY2x_D-rm9HZqCBwvR4OzUfh7CSxlXfzi6NN0iZIa3mcf2BZ9hF2K4OFCHo3MmhkNO7MMP0wHUTcWADtgl0KSle6mMtXJHIWSxMKNxdM7-yrB7aeStLgH9rVirMpEKvPftetTiYGR_l2NA70cRH4KI2W4tmKx1MJCUMohRBBNW8ViSJ4M0WNqz6DixtoZcuE0-UCq1JhVnyFJWaQDW1Uu8pKlYPqeIqHJkGGRvA6Dg4A63Qf2NALLDX_xOkMfJVgcMWCJAnAgKYecfG_XouCMHp870sdJtIXTTh9tCuLV-kPpuRo4f_k1blN61DdVaUp-La1vqShOWT8T1UXzbpA68q0RqY6LjMKqRhihOOddlhMwcBS8dnkBhT5jZezHS9N7pK2_r6jtDZEYCz9hiZt-d462m6HcD-12b_SgXP8CHlDkWlvBXw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F1E 0
58 B 15ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200413&jk=3502704934320168&bg=!6eql6vJY4hvlnmzRV7cCAAAAoVIAAAATmQGlUYefLio7_jAXKDQhUrjS5USsrbY0Ts_rLpkmAlwQJKpt3u63Kcw7BNIiuL5CtjA9qaE18yb9D8qtBwiXM2oOnbhGpNkg15Sde4ypfltOPxcC_CkJc5c6DfMYleuPDwZAXQyz0XOiXbccU5ykuwnCMPQebBLznJfxJUSAxVHa4YMhgeHI602ePArmF5q04G5HmSYziA5djwQV0JNkR-1U5KBC1GWXBEQ1R9_qT_7qjN7QMUn64oA2xmVVzfAiFvTp7fSTYWoZD11UsVXqK-Ff0SnauE1qXIHnm7c6s01pupQwDbIvdcSA6Y33ydAKirsN5HiBqOE7yN02W1fgRHUT-y2nVdXmXDfqkx8KHs4wOprycbccUP4ZeqmQCXXgK44_W09BEwYr1L4bw5PEC0Il2DPSjLNB8Tp1tm799yXAE8-Pks3D5DZSxzupmS4IRVSvv8Kjl8lPkiva-A5qZ1z2buZVnUoSvXejLCUW2Psmruw-3taBPxyNJN6X7LqFrxQrgHJNJiPeUW4sI0ms3XMkfrYWNbgM-s3a6m3x7LJnnvvGajlTlw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ACB5 0
58 B 14ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200413&jk=406814009916483&bg=!BwSlBBxY0ub1SZzozckCAAAAk1IAAAANmQGleBfcZSfzmpwRrwJ4t4dlEpqKI22MXyNSW5KMlS5BQ6rr158u1Rq9w3gnSrY05hDxkyQHWmY0PbkDudn6qy5nSR2JAzh3qfqVhMzReakSAkfYjD_nVjm9iiWe9KXw110JNddLSo2KoNIX-NnybnowQX1Y7cApVYNqFNN0r1L4ZGkg4y-lwOQ8ohEt7HiGbCq4mOnL9bbDNI1jKAAY9e_YgpnQs7zDMOynSc7kqQ9SWsOBTRwUiEuFU9eFcorjnGol2bosyBC7jCDXQBGyQvmRSI_kb1k4qADXs-nMW6O7F_Kf6gvCb6mRiOC2bUhtSlhs4tMPknbgpsCzt5lgchozi5MptvXdMoogjJFe6GU8TO31ByB4xMm81n4LfaKeeVFCx8v072vJz4kbGCZStE5Xq7FzrGbnl88vCtFWmrfadeGg7uEY0VIV43BszJCiVn9bwq6QVLh3Iwg36owXmmmpvzXJIzBWuFdiJGW0VAyiE-1Snhm-X-H2sZ3iKgvkXlWVlimj_dZAv59Z9WVOi6r-CpREwck3h_eWv53d1Dr1FeZ5XVorAQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

prebid
bh.contextweb.com/visitormatch/ Frame 5B4E
Redirect Chain

https://bh.contextweb.com/visitormatch/prebid
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEEwnRBLzuVHcOl4BZIQTGug&google_cver=1
https://bh.contextweb.com/visitormatch/prebid?s=1587157970432&r=1&v=547259
https://x.bidswitch.net/sync?ssp=pulsepoint
https://x.bidswitch.net/ul_cb/sync?ssp=pulsepoint
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=pulsepoint
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=pulsepoint&bounced=1
https://x.bidswitch.net/sync?dsp_id=9&user_id=0n5eGbgSEAd.AikABlFxifyvJg&expires=30&ssp=pulsepoint
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=56abd5f0-c4a3-4bda-95b8-e2e1118cd2c6
https://bh.contextweb.com/visitormatch/prebid?r=2&v=547259%2C556010&s=1587157970471

49 B
384 B

49ms
49ms

Image
image/gif

74.214.194.140
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/visitormatch/prebid?r=2&v=547259%2C556010&s=1587157970471

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.214.194.140 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 200
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-5868976b47-fzdqf
expires: -1

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 302
content-language: en-US
location: //bh.contextweb.com/visitormatch/prebid?r=2&v=547259%2C556010&s=1587157970471
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-5868976b47-fzdqf
expires: -1

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55946/ Frame 5B4E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_sc&_origin=0
https://pixel.advertising.com/ups/55946/sync?uid=CAESEIUsCp3VUto-1nFhZgrnksc&_origin=0&google_cver=1
https://pixel.advertising.com/ups/55946/sync?uid=CAESEIUsCp3VUto-1nFhZgrnksc&_origin=0&google_cver=1&verify=true
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEIUsCp3VUto-1nFhZgrnksc&_origin=0&google_cver=1&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEIUsCp3VUto-1nFhZgrnksc&_origin=0&google_cver=1&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62&verify=true

0
989 B

29ms
29ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEIUsCp3VUto-1nFhZgrnksc&_origin=0&google_cver=1&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62&verify=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:50 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Fri, 17 Apr 2020 21:12:50 GMT
Server: ATS/7.1.2.106
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEIUsCp3VUto-1nFhZgrnksc&_origin=0&google_cver=1&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62&verify=true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55950/ Frame 5B4E
Redirect Chain

https://acuityplatform.com/Adserver/atds?getuserid=https://pixel.advertising.com/ups/55950/sync?uid=$UID&_origin=0
https://pixel.advertising.com/ups/55950/sync?uid=502934071386
https://ups.analytics.yahoo.com/ups/55950/sync?uid=502934071386&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

0
989 B

27ms
26ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55950/sync?uid=502934071386&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:50 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Fri, 17 Apr 2020 21:12:50 GMT
location: https://ups.analytics.yahoo.com/ups/55950/sync?uid=502934071386&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ Frame 5B4E 0
104 B 94ms
64ms Image
text/plain 2a02:fa8:8806:13::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A2fcb4db4-80f0-11ea-8e83-121ea8d7377c&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 17 Apr 2020 21:12:50 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/56465/ Frame 5B4E
Redirect Chain

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=
https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&verify=true
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62&verify=true
https://pr-bh.ybp.yahoo.com/sync/adtech/UP31c323dc-80f0-11ea-98a0-06d616349e62?gdpr=0&gdpr_consent=
https://pixel.advertising.com/ups/56465/sync?uid=y-zoGSlLB1lxkgk8CLtuk3ahoTleZYnn.WMt0C&_origin=0&nsync=0
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-zoGSlLB1lxkgk8CLtuk3ahoTleZYnn.WMt0C&_origin=0&nsync=0&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

0
1 KB

29ms
28ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-zoGSlLB1lxkgk8CLtuk3ahoTleZYnn.WMt0C&_origin=0&nsync=0&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:50 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Fri, 17 Apr 2020 21:12:50 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-zoGSlLB1lxkgk8CLtuk3ahoTleZYnn.WMt0C&_origin=0&nsync=0&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5B4E 70 B
264 B 135ms
43ms Image
image/gif 63.33.80.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.80.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-80-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55950/ Frame 120E
Redirect Chain

https://acuityplatform.com/Adserver/atds?getuserid=https://pixel.advertising.com/ups/55950/sync?uid=$UID&_origin=0
https://pixel.advertising.com/ups/55950/sync?uid=502935200271
https://ups.analytics.yahoo.com/ups/55950/sync?uid=502935200271&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

0
989 B

21ms
21ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55950/sync?uid=502935200271&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:50 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Fri, 17 Apr 2020 21:12:50 GMT
location: https://ups.analytics.yahoo.com/ups/55950/sync?uid=502935200271&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/56465/ Frame 120E
Redirect Chain

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=
https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&verify=true
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62&verify=true
https://pr-bh.ybp.yahoo.com/sync/adtech/UP31c323dc-80f0-11ea-98a0-06d616349e62?gdpr=0&gdpr_consent=
https://pixel.advertising.com/ups/56465/sync?uid=y-H1SYQ_d1lxk.50_H8TtENvREkKkFWlo5Pqsz&_origin=0&nsync=0
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-H1SYQ_d1lxk.50_H8TtENvREkKkFWlo5Pqsz&_origin=0&nsync=0&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

0
1 KB

27ms
26ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-H1SYQ_d1lxk.50_H8TtENvREkKkFWlo5Pqsz&_origin=0&nsync=0&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:50 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Fri, 17 Apr 2020 21:12:50 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-H1SYQ_d1lxk.50_H8TtENvREkKkFWlo5Pqsz&_origin=0&nsync=0&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55946/ Frame 120E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_sc&_origin=0
https://pixel.advertising.com/ups/55946/sync?uid=CAESEJfEG3AL8WNrZyR1LUwJ7HY&_origin=0&google_cver=1
https://pixel.advertising.com/ups/55946/sync?uid=CAESEJfEG3AL8WNrZyR1LUwJ7HY&_origin=0&google_cver=1&verify=true
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJfEG3AL8WNrZyR1LUwJ7HY&_origin=0&google_cver=1&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJfEG3AL8WNrZyR1LUwJ7HY&_origin=0&google_cver=1&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62&verify=true

0
989 B

20ms
20ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJfEG3AL8WNrZyR1LUwJ7HY&_origin=0&google_cver=1&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62&verify=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:50 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Fri, 17 Apr 2020 21:12:50 GMT
Server: ATS/7.1.2.106
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJfEG3AL8WNrZyR1LUwJ7HY&_origin=0&google_cver=1&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62&verify=true
Connection: keep-alive
Content-Length: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 120E 70 B
264 B 120ms
43ms Image
image/gif 63.33.80.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent=
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.80.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-80-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame 120E
Redirect Chain

https://bh.contextweb.com/visitormatch/prebid
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEEwnRBLzuVHcOl4BZIQTGug&google_cver=1

49 B
635 B

49ms
48ms

Image
image/gif

74.214.194.140
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEEwnRBLzuVHcOl4BZIQTGug&google_cver=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.214.194.140 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 200
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-stage-0
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:50 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEEwnRBLzuVHcOl4BZIQTGug&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ Frame 120E 0
103 B 19ms
16ms Image
text/plain 2a02:fa8:8806:13::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A2fcab44e-80f0-11ea-8f9f-12358a211a00&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 17 Apr 2020 21:12:50 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/56465/ Frame 2338
Redirect Chain

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62&verify=true
https://pr-bh.ybp.yahoo.com/sync/adtech/UP31c323dc-80f0-11ea-98a0-06d616349e62?gdpr=0&gdpr_consent=
https://pixel.advertising.com/ups/56465/sync?uid=y-H1SYQ_d1lxk.50_H8TtENvREkKkFWlo5Pqsz&_origin=0&nsync=0
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-H1SYQ_d1lxk.50_H8TtENvREkKkFWlo5Pqsz&_origin=0&nsync=0&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

0
1 KB

28ms
28ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-H1SYQ_d1lxk.50_H8TtENvREkKkFWlo5Pqsz&_origin=0&nsync=0&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:50 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Fri, 17 Apr 2020 21:12:50 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-H1SYQ_d1lxk.50_H8TtENvREkKkFWlo5Pqsz&_origin=0&nsync=0&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55946/ Frame 2338
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_sc&_origin=0
https://pixel.advertising.com/ups/55946/sync?uid=CAESEJfEG3AL8WNrZyR1LUwJ7HY&_origin=0&google_cver=1
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJfEG3AL8WNrZyR1LUwJ7HY&_origin=0&google_cver=1&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

0
989 B

29ms
29ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJfEG3AL8WNrZyR1LUwJ7HY&_origin=0&google_cver=1&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:50 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Fri, 17 Apr 2020 21:12:50 GMT
location: https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJfEG3AL8WNrZyR1LUwJ7HY&_origin=0&google_cver=1&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame 2338
Redirect Chain

https://bh.contextweb.com/visitormatch/prebid
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEEwnRBLzuVHcOl4BZIQTGug&google_cver=1
https://bh.contextweb.com/visitormatch/prebid?s=1587157970471&r=1&v=547259
https://x.bidswitch.net/sync?ssp=pulsepoint
https://x.bidswitch.net/ul_cb/sync?ssp=pulsepoint
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpulsepoint%26bsw_par...
https://x.bidswitch.net/sync?dsp_id=354&user_id=89f77d0446a7471c9fa62c1b9fecf6f6&ssp=pulsepoint&bsw_param=56abd5f0-c4a3-4bda-95b8-e2e1118cd2c6
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=56abd5f0-c4a3-4bda-95b8-e2e1118cd2c6

49 B
687 B

48ms
47ms

Image
image/gif

74.214.194.140
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=56abd5f0-c4a3-4bda-95b8-e2e1118cd2c6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.214.194.140 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 200
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-5868976b47-fzdqf
expires: -1

Redirect headers

status: 302
date: Fri, 17 Apr 2020 21:12:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=56abd5f0-c4a3-4bda-95b8-e2e1118cd2c6
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55950/ Frame 2338
Redirect Chain

https://acuityplatform.com/Adserver/atds?getuserid=https://pixel.advertising.com/ups/55950/sync?uid=$UID&_origin=0
https://pixel.advertising.com/ups/55950/sync?uid=502934686019
https://ups.analytics.yahoo.com/ups/55950/sync?uid=502934686019&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

0
1 KB

28ms
28ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55950/sync?uid=502934686019&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:50 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Fri, 17 Apr 2020 21:12:50 GMT
location: https://ups.analytics.yahoo.com/ups/55950/sync?uid=502934686019&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2338 70 B
264 B 45ms
44ms Image
image/gif 63.33.80.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent=
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.80.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-80-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ Frame 2338 0
103 B 65ms
64ms Image
text/plain 2a02:fa8:8806:13::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A2fcd60ea-80f0-11ea-8e66-1248c7260bf4&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 17 Apr 2020 21:12:50 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55946/ Frame 2765
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_sc&_origin=0
https://pixel.advertising.com/ups/55946/sync?uid=CAESEJfEG3AL8WNrZyR1LUwJ7HY&_origin=0&google_cver=1
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJfEG3AL8WNrZyR1LUwJ7HY&_origin=0&google_cver=1&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

0
1 KB

20ms
19ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJfEG3AL8WNrZyR1LUwJ7HY&_origin=0&google_cver=1&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:50 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Fri, 17 Apr 2020 21:12:50 GMT
location: https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEJfEG3AL8WNrZyR1LUwJ7HY&_origin=0&google_cver=1&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2765 70 B
264 B 45ms
44ms Image
image/gif 63.33.80.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent=
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.80.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-80-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 21:12:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55950/ Frame 2765
Redirect Chain

https://acuityplatform.com/Adserver/atds?getuserid=https://pixel.advertising.com/ups/55950/sync?uid=$UID&_origin=0
https://pixel.advertising.com/ups/55950/sync?uid=502935200271
https://ups.analytics.yahoo.com/ups/55950/sync?uid=502935200271&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

0
1 KB

109ms
109ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55950/sync?uid=502935200271&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:50 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Fri, 17 Apr 2020 21:12:50 GMT
location: https://ups.analytics.yahoo.com/ups/55950/sync?uid=502935200271&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/56465/ Frame 2765
Redirect Chain

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62
https://pr-bh.ybp.yahoo.com/sync/adtech/UP31c323dc-80f0-11ea-98a0-06d616349e62?gdpr=0&gdpr_consent=
https://pixel.advertising.com/ups/56465/sync?uid=y-H1SYQ_d1lxk.50_H8TtENvREkKkFWlo5Pqsz&_origin=0&nsync=0
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-H1SYQ_d1lxk.50_H8TtENvREkKkFWlo5Pqsz&_origin=0&nsync=0&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

0
1 KB

31ms
31ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-H1SYQ_d1lxk.50_H8TtENvREkKkFWlo5Pqsz&_origin=0&nsync=0&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 21:12:50 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Fri, 17 Apr 2020 21:12:50 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-H1SYQ_d1lxk.50_H8TtENvREkKkFWlo5Pqsz&_origin=0&nsync=0&apid=UP31c323dc-80f0-11ea-98a0-06d616349e62
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 prebid
bh.contextweb.com/visitormatch/ Frame 2765 49 B
496 B 49ms
48ms Image
image/gif 74.214.194.140
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/visitormatch/prebid

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.214.194.140 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 200
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-5868976b47-fzdqf
expires: -1

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ Frame 2765 0
103 B 59ms
58ms Image
text/plain 2a02:fa8:8806:13::1430
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A2fccbbd6-80f0-11ea-a94c-121c10c2940c&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 17 Apr 2020 21:12:50 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.petition2congress.com/	1970-01-19 09:02:42	Name: AWSALBCORS Value: bdxv2Qu88z+cArWxicTqSarp5leRh4idbGpkEPTDE+BxreAccqGK7jYiL9BSHv8JQARFzirhmUpgQna5M2Og6xPgmZeeKcjLflabfvPbpUz2EPOzI/UMe6IYLyRI
.orlytaitzesq.com/	1970-01-20 02:23:49	Name: __utma Value: 209516236.169382701.1587157966.1587157966.1587157966.1
www.petition2congress.com/	1970-01-19 09:02:42	Name: AWSALB Value: bdxv2Qu88z+cArWxicTqSarp5leRh4idbGpkEPTDE+BxreAccqGK7jYiL9BSHv8JQARFzirhmUpgQna5M2Og6xPgmZeeKcjLflabfvPbpUz2EPOzI/UMe6IYLyRI
.orlytaitzesq.com/	1970-01-19 08:52:38	Name: __utmt Value: 1
.youtube.com/	1970-01-19 13:11:49	Name: VISITOR_INFO1_LIVE Value: gRvOjKVYH8M
.youtube.com/	1970-01-19 08:52:39	Name: GPS Value: 1
.orlytaitzesq.com/	1970-01-19 17:39:40	Name: __auc Value: 40f7f71117189fc9c21e934f8fa
.orlytaitzesq.com/	1970-01-19 08:52:39	Name: __asc Value: 40f7f71117189fc9c21e934f8fa
.orlytaitzesq.com/	1970-01-19 08:52:39	Name: __utmb Value: 209516236.1.10.1587157966
.orlytaitzesq.com/	1970-01-19 13:15:25	Name: __utmz Value: 209516236.1587157966.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.orlytaitzesq.com/	1969-12-31 23:59:59	Name: __utmc Value: 209516236
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: NoNxKrMiY6g

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a6772d0ace1deed920aa421612ee2b7a2.profile.yto50-c1.cloudfront.net
acuityplatform.com
ads3.mthsense.com
adserver.adtech.advertising.com
adserver.adtechus.com
adservice.google.ch
adservice.google.com
adservice.google.de
aol-match.dotomi.com
api.lanistaads.com
bh.contextweb.com
bid.contextweb.com
buttons.googlesyndication.com
certify.alexametrics.com
cloudfront-labs.amazonaws.com
cm.g.doubleclick.net
d2tbmvllb55wxq.cloudfront.net
d31qbv1cthcecs.cloudfront.net
fastlane.rubiconproject.com
fs.gweini.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
inv-nets.admixer.net
match.adsrvr.org
media.breitbart.com
orlytaitzesq.com
pagead2.googlesyndication.com
pbs.twimg.com
pixel.advertising.com
platform.twitter.com
pr-bh.ybp.yahoo.com
px.adhigh.net
s.gweini.com
securepubads.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us.i1.yimg.com
www.google-analytics.com
www.googletagservices.com
www.netvibes.com
www.orlytaitzesq.com
www.paypal.com
www.paypalobjects.com
www.petition2congress.com
www.thegatewaypundit.com
www.youtube.com
x.bidswitch.net
104.244.42.136
13.224.186.46
13.224.194.113
13.225.73.4
13.225.73.47
146.0.227.110
151.101.12.157
151.101.14.133
152.199.21.35
154.59.122.74
172.217.16.194
172.217.21.194
18.156.0.31
185.33.221.87
185.64.189.112
193.189.143.34
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:555
2a00:1288:110:c305::8000
2a00:1288:f03d:1fa::2000
2a00:1450:4001:809::2001
2a00:1450:4001:815::200e
2a00:1450:4001:817::200e
2a00:1450:4001:81b::2004
2a00:1450:4001:81d::2002
2a00:1450:4001:81f::2002
2a00:1450:4001:824::2002
2a02:fa8:8806:13::1430
35.157.107.235
35.158.60.52
35.209.63.6
35.241.35.213
40.84.148.247
52.44.122.222
52.94.234.174
54.209.86.7
54.83.148.98
63.33.80.49
69.173.144.143
72.246.168.118
74.214.194.134
74.214.194.140
94.130.204.3
99.86.61.157
02cc65e914695a06d3e7c03943861266dab81cbebc63263127eea6f72a201868
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
070d4dea9892475272d9fa96611644f5cdb3abdc8bc1e5124e80ad7c8daca3ba
0b502dbf33a515f9b0fd2a857166c6bb00e41b8dfc07bfa8ef194224fd266b7e
0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
145cd8de34183b13220094d51b72d14a9e47913a5103096a452fe643d9193ee6
1665506ab8c83c485ed0a0b961e152b4208458f871b04399ffc5018baf316200
1ab644733c53d53711946a4aa2bb094963e3aaac41e0bd506fb65dd78e07afbe
1d001ffd8d372613954fdc500d03d6e0c0149dad92455fbde0bb1ecb93f2702b
1d68fb29bbb1da59354b9e0fe7639644a42e13d9e0381005f2b15f801916a24a
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
21c4026c2095492e493a113f1774b3a13cf30e19a93a3e346023aa498e750a53
21c473d1aff0116debda8658947e28b889c21d273d6d3546b659cfa75680d747
22e611b88ea196c76a959f6c40bef620e5896ce086d6c3dd725bd1c995bca4f9
234bac92bbba914fb29ed6a4e86e66fa59a3c8722767328f5a3725b744bbb4a3
25388a19437615faf2c2531ec3b7a156ec4a45a08bb6d63ad57f1f51fdb3e382
2565892bc9a7c05ac215b1784631317b1c0a8c7a91986394662768a6d4dab1d9
28d76f867bf1d931ef2073f8b87f297cbfd2b4477258d67f029d7f3ba8bae58e
29114bcf1bfa71c2d3ede4c9cff63bd68e0c4ea841f75e99dbc6131850be9a51
2cf1dd8c2d40c35c5b6bacb66d6d38e832610ddcefb16b396d19725abfb9c832
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ef3c331d5dd8cfd7cd4fa8afc1f482b8ba4a8e00a8e110ae7f70e0a6a8e5fe2
2f17ce8bab06450f044c8e5a7867bf0d05ec724fa0bfed2e633488d5633ba9d6
309c7ed889c1b81ec9982a66e8aaaebfcc618da0f71d7aeeb65983369a490392
3668f6bc8dd86f6690ad159eed9c3020cf6af81084e29712995005ecc7176aff
37793007ece21aec21516a43c2dbee50c5a8223738edd30fc1c1cb0533a347e9
3ddd31fda18372791bf0414c6078e57304a11fdde6155b50b5716affd3278bff
42434e578691eac8c007f427b49b962990dd16f8a004acda3a7b2621ac5498d2
43b6c47efc4f5674a51b4c01492c3c012a9da7db4565dc669b85518d05db11a2
45ef6e598688d2299eb20a5386b93438fb57ca8d79f7c20c30a1120335e67f30
4922c3415af9c43a8220c2193ba9d52d63e0c3f47389ffb09472e82e3ce4affb
49dbb20c3a62235ce1eed68dd987db8b7a0740ae1d6b1f6e8f5a2260dd47d307
4fef72bbf954883510edf5344dda10f894f2a64cfdff4a3d037b2de76370c71a
5394aa6963b40ee6aa87e794e555a588c398df4786a1ddf42d606fb1e7ea205e
55dd134081762cd1177a66a82e74d7fccd238870f486f0a38ef7a4495166ace9
568181e67d9033b35fabdd43eb15a24505cdc108da8f946466a2dfcfbdfdd290
5b8955aa76e21bdffb131ac5ac86e83023b6b0e9065b8f53c5e4ec8eedc7dd57
5bf4f0187f8b56b1ecd95eb89dc1cd74ce4c54c9abc47899b2eaa0370b5fff19
740078cb1778d885689a3108d2ca696b01fd80cb73437528af4ed0dd6e7466b7
763fd8be27755874d97df36c07a55674d6ff6b14c4f206a281f7a4df597ca5da
78e0412848a676ef0f690b7aa8b47f9ff01d023f0a11a7b6f56a738164399c86
79cacec47dc923547a440e99eb31552a23eb0cde9ba288957ff8762b47ac7c79
7c87169546ac06464ec623c994f762ed646d22a821568fdd4d6b78da21a72d92
7de9b44cc24458620c89543fbadfbed0e3abe72d588fff945636c703563aca18
7fe5a0b02836ac823b358d3dc460a7c133fe356aa3db085d458a64afaf2cefd6
80889a64f5cfc1bc382757bc8d42b04dcdd4c288e5688ede09a23b5a8e634816
82bbd04adfca6dbbc54fbcff55f4db8bc1f66d7ccfe36820480be504d94d905d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87ecb1f5bf30a4f019788a64ac0bc004176a28a539eb37bef3db06e1e44e0351
88dbfc208a3c35d554206e25087e85e57e6f437bacc6af89790e94220da8293a
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bd58e04a6241a4b4e7af76e95b37e5903d0008f80ec81926b907eaa8550e458
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e5d91ca59abaf6e098772bb3cbcd46e5aa637c686d367a91706f222aeffc44f
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
9471ab0d40631c07cffea497a5091058b386ef5e83eca75a878c4ace3467735c
96506a2ab9dc27a831761a4aeee4bbe5d94c738db692ecd8059e7b58ff537fa1
96eb11bd76cb8bbb24bd9fa88918cf4560219cb559272260b26a82b6d10b4611
9754802a20e3f412075abbc5d8f1b794001b0cd8ac87441919231de900d818ea
9e9f66ff9e106c3ab0782c8b5ebf569631e62597d027bebd0d591454cad53c29
9f1c13e5496da20c3b448674a24b70ec865b368323028b456f557d0f0d4baab6
a297f95ca519018f9036e57e16fc8b62020c5105c31c5e1eb9efd36562e11df3
a3ef56776059c63a9cfc3942da96551853ab111d06ddb378a086c1ee77141283
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a651bd634554e73a9c4c0125ba888d7ec2afe0c93c62ecdfed4b78c8adf99716
a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756
a9a84792901579ce33cc43754c2dc48bacfeb709ea546eecc82a83fc400074b6
a9b59c276e5d2fbbddb321a19a614fe4750b3706d6ec9c13d1a6e699acb13a76
ab0dc6c4a4f355cf028114ff40468c515c964cc062789d234a2b7adf85d5ebb9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1826a7019dde654654a9df41a108cc9b005cfe74a1f233e5517550e9be78201
b1e975c1a03d8ddce0bb31ee3d31835504c836de50cb250735a832658fa07afd
b5ad47573428de06fa6e48cc5eeb5369a1021d5ad0648c44945ebeab05be9e81
b664ef8817f547a6910ae600ea85db4bded2986e4f369f9b7ae5047a0cc81b51
b73d4a41b76b1acc0796331a2630d5eef972a94183744384eb237161136945e9
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bb2282739e14d89938d9117cd4ab5bc9252e8f303ec91c8682956a72bb1128d7
be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4
bf205d34a16bdbd9ff54ad5c790d1facc2459b4c266a781a57a56638e0581dc4
c52d8ecaada50da7a9739ca285872b431fad51042eccf398e2c2ecad8013880b
c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c
c60536e1387fd63f18755c87e9028bc138c1cb11fc77a64a159777aae49a12b5
cc5a1204bbda0642df2154189663725ab3bcce44b358a00659021b1502e60e80
ce999c0ef4ea924d578a5c1fa8e4794fc521079e97a6df92c52b7de64043080e
cec0576649667442f929687c183661c292799cb7f46b8e846f80ac0aed007d74
cef013ba053c40f6bfa36baf6b11dca3426b1697bb52bec0902a4746f5f7d169
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d37bdc112f836ff1b1f7447b5d0550c9fe43af8124dc783b6235290175103c35
d6c867845e5c8dc99717f8be1b2078a9de5d88951a099beb5b25d49ab96a8476
d8beb9eab20fb5d4148f1789817fe1d4b696cbb28f9ad3b3cf05aa32e05d7cc1
d8f904cb07d25c24d591bf9dac925204753baebc5f95a065714e41ffe6cc40f3
d9ab4d66d758c1c98f75d9a386e2efea59838d4ea0d6fc956c1bd7a3889159e2
dc8d52ba16a8441eeff66731ec05b9f0e3b7c72f323de71ba01af0e85d7360b5
dde0677c0b0db11379d66827895724d5fb5b196ecb1dc01c0dcfd920e0db094b
deb392febab4850ea24bd8516eed1b897991977ad63904261b9ffb21ccc66a4b
df255e2f7f9fd8c86ec6b227d9b3d2f8b3501188802e75a5009cbf9ba6f4eab7
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68b2d2efd1b7f25593795d295dece45a1f403e8768ca22a945114ca940c18e9
e74e5abcb034f8529abcf39a0a528bd736fba62bde748bdb16ea553f074a533d
e97da01252a9a1adb85584de988e57bd36ec3b45b95b72fe85c5a101fcb6099f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4ee009a24925f6617ea25066e34d260d1e5e22352183e261dd36961bb4dd35c
fa9776c6408b4648ac5339406c229a54fccda3f0ad6c83b2f60598e39d5269b1
fb30d19bfdc58c092bdabad889657613116021c0d07e936fdb3e9e5dbd669872
fbaa02863040d15c4410d572c4d213c2b8c75425279c5a01672c6ff86fd9d6c3

www.orlytaitzesq.com Open in urlscan Pro 35.209.63.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

219 Requests

71 %HTTPS

30 %IPv6

37 Domains

49 Subdomains

37 IPs

7 Countries

3250 kBTransfer

5400 kBSize

12 Cookies

40 Outgoing links

Page URL History

Redirected requests

219 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.orlytaitzesq.com Open in urlscan Pro
35.209.63.6 Public Scan

Screenshot
Live screenshot

Full Image

219
Requests

71 %
HTTPS

30 %
IPv6

37
Domains

49
Subdomains

37
IPs

7
Countries

3250 kB
Transfer

5400 kB
Size

12
Cookies

219 HTTP transactions
4 data transactions