google.324creative.us Open in urlscan Pro
173.231.206.255  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

• https://insight.adsrvr.org/tags/u6r6c6k/j57eunk/iframe HTTP 301
• https://d1eoo1tco6rr5e.cloudfront.net/u6r6c6k/j57eunk/iframe

Request Chain 24

• https://insight.adsrvr.org/track/conv/?adv=u6r6c6k&ct=0:98dtxj3&fmt=3 HTTP 302
• https://dpm.demdex.net/ibs:dpid=903&dpuuid=7c014fab-f597-46e2-9f91-ac0347b17799&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=7c014fab-f597-46e2-9f91-ac0347b17799&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
• https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=7c014fab-f597-46e2-9f91-ac0347b17799 HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D7c014fab-f597-46e2-9f91-ac0347b17799 HTTP 302
• https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5341160768746371785&ttd_tdid=7c014fab-f597-46e2-9f91-ac0347b17799 HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7c014fab-f597-46e2-9f91-ac0347b17799&partner_url=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dtapad HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1830&partner_device_id=7c014fab-f597-46e2-9f91-ac0347b17799&partner_url=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dtapad HTTP 302
• https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D1f7aa153-1410-4976-9b33-c88e93c982c9%252Chttps%25253A%25252F%25252Fmatch.adsrvr.org%25252Ftrack%25252Fcmf%25252Fgeneric%25253Fttd_pid%25253Dtapad%252C HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5341160768746371785&pt=1f7aa153-1410-4976-9b33-c88e93c982c9%2Chttps%253A%252F%252Fmatch.adsrvr.org%252Ftrack%252Fcmf%252Fgeneric%253Fttd_pid%253Dtapad%2C HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad

Request Chain 25

• https://insight.adsrvr.org/track/evnt/?adv=u6r6c6k&ct=0:j57eunk&fmt=3 HTTP 302
• https://dpm.demdex.net/ibs:dpid=903&dpuuid=d51415cf-ca33-4ae3-b3aa-3a433ecbc526&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=d51415cf-ca33-4ae3-b3aa-3a433ecbc526&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=N2MwMTRmYWItZjU5Ny00NmUyLTlmOTEtYWMwMzQ3YjE3Nzk5&gdpr=0&gdpr_consent=&ttd_tdid=7c014fab-f597-46e2-9f91-ac0347b17799 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=N2MwMTRmYWItZjU5Ny00NmUyLTlmOTEtYWMwMzQ3YjE3Nzk5&gdpr=0&gdpr_consent=&ttd_tdid=7c014fab-f597-46e2-9f91-ac0347b17799&google_tc= HTTP 302
• https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=7c014fab-f597-46e2-9f91-ac0347b17799&google_gid=CAESEASiJwqpjO_FFDztYg_JsMA&google_cver=1 HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7c014fab-f597-46e2-9f91-ac0347b17799&partner_url=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dtapad HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1830&partner_device_id=7c014fab-f597-46e2-9f91-ac0347b17799&partner_url=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dtapad HTTP 302
• https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D5915cd1e-fe76-44cb-8464-792b955fb637%252Chttps%25253A%25252F%25252Fmatch.adsrvr.org%25252Ftrack%25252Fcmf%25252Fgeneric%25253Fttd_pid%25253Dtapad%252C HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5341160768746371785&pt=5915cd1e-fe76-44cb-8464-792b955fb637%2Chttps%253A%252F%252Fmatch.adsrvr.org%252Ftrack%252Fcmf%252Fgeneric%253Fttd_pid%253Dtapad%2C HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7c014fab-f597-46e2-9f91-ac0347b17799&ttd_puid= HTTP 302
• https://dpm.demdex.net/ibs:dpid=540&dpuuid=5915cd1e-fe76-44cb-8464-792b955fb637&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D5915cd1e-fe76-44cb-8464-792b955fb637%252C%252C HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=31686272508613285602122406218722007355&pt=5915cd1e-fe76-44cb-8464-792b955fb637%2C%2C

Request Chain 40

• https://um.simpli.fi/smaato HTTP 302
• https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=CBAED9DDB03D4881AFE5797A27BDB2B8 HTTP 302
• https://capi.connatix.com/us/pixel?puid=92731bcf12&pId=48&gdpr=0&gdpr_consent=&us_privacy={usPrivacyString} HTTP 302
• https://capi.connatix.com/us/pixel?puid=92731bcf12&pId=48&gdpr=0&gdpr_consent=&us_privacy={usPrivacyString}&final=true

Request Chain 41

• https://um.simpli.fi/nexxen HTTP 302
• https://sync.1rx.io/usersync/simplifi/CBAED9DDB03D4881AFE5797A27BDB2B8

Request Chain 42

• https://um.simpli.fi/triplelift HTTP 302
• https://eb2.3lift.com/xuid?mid=7969&xuid=CBAED9DDB03D4881AFE5797A27BDB2B8&dongle=yf3 HTTP 302
• https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=CBAED9DDB03D4881AFE5797A27BDB2B8&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=

Request Chain 43

• https://um.simpli.fi/telaria_p HTTP 302
• https://simplifi.partners.tremorhub.com/sync?UISF=CBAED9DDB03D4881AFE5797A27BDB2B8

Request Chain 44

• https://um.simpli.fi/tapad HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=CBAED9DDB03D4881AFE5797A27BDB2B8

Request Chain 45

• https://um.simpli.fi/ad_advisor HTTP 302
• https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=CBAED9DDB03D4881AFE5797A27BDB2B8 HTTP 302
• https://d.agkn.com/pixel/10751/?che=1714605793288&ip=38.132.118.75&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D213090604869013243629 HTTP 302
• https://um.simpli.fi/aa_px?sk=213090604869013243629 HTTP 302
• https://um.simpli.fi/empty.gif

Request Chain 46

• https://um.simpli.fi/intentiq HTTP 302
• https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=CBAED9DDB03D4881AFE5797A27BDB2B8 HTTP 302
• https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=CBAED9DDB03D4881AFE5797A27BDB2B8&ckls=true&ci=JFZBh6AlGA&nc=false&trid=123070010

Request Chain 47

• https://um.simpli.fi/pubmatic HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CBAED9DDB03D4881AFE5797A27BDB2B8

Request Chain 48

• https://um.simpli.fi/freewheel HTTP 302
• https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=CBAED9DDB03D4881AFE5797A27BDB2B8

Request Chain 49

• https://um.simpli.fi/dtnx HTTP 302
• https://fei.pro-market.net/engine?du=24;csync=CBAED9DDB03D4881AFE5797A27BDB2B8;mimetype=img; HTTP 302
• https://fei.pro-market.net/engine?du=24;csync=CBAED9DDB03D4881AFE5797A27BDB2B8;mimetype=img;sr HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTE2MzczMDkxNzM5OTEwNjA4MTA= HTTP 302
• https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEC1PXIzkqXvYTwiCaG6mI4A&google_cver=1

Request Chain 50

• https://um.simpli.fi/exelatem HTTP 302
• https://loadm.exelator.com/load/?p=204&g=2191&simid=CBAED9DDB03D4881AFE5797A27BDB2B8&j=0 HTTP 302
• https://loadm.exelator.com/load/?p=204&g=2191&simid=CBAED9DDB03D4881AFE5797A27BDB2B8&j=0&xl8blockcheck=1

Request Chain 51

• https://um.simpli.fi/yahoo HTTP 302
• https://ups.analytics.yahoo.com/ups/55964/sync?uid=CBAED9DDB03D4881AFE5797A27BDB2B8 HTTP 302
• https://ups.analytics.yahoo.com/ups/55964/sync?uid=CBAED9DDB03D4881AFE5797A27BDB2B8&verify=true

Request Chain 52

• https://um.simpli.fi/beachfront HTTP 302
• https://sync.bfmio.com/sync?pid=141&uid=CBAED9DDB03D4881AFE5797A27BDB2B8

Request Chain 53

• https://um.simpli.fi/bluekai HTTP 302
• https://stags.bluekai.com/site/29931?id=CBAED9DDB03D4881AFE5797A27BDB2B8

Request Chain 54

• https://um.simpli.fi/crwdcntrl HTTP 302
• https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=CBAED9DDB03D4881AFE5797A27BDB2B8 HTTP 302
• https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=CBAED9DDB03D4881AFE5797A27BDB2B8

Request Chain 55

• https://um.simpli.fi/lj_match HTTP 302
• https://ce.lijit.com/merge?pid=2&3pid=CBAED9DDB03D4881AFE5797A27BDB2B8 HTTP 302
• https://ce.lijit.com/merge?pid=2&3pid=CBAED9DDB03D4881AFE5797A27BDB2B8&dnr=1

Request Chain 56

• https://um.simpli.fi/liveramp_match HTTP 302
• https://idsync.rlcdn.com/419566.gif?partner_uid=CBAED9DDB03D4881AFE5797A27BDB2B8 HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogQ0JBRUQ5RERCMDNENDg4MUFGRTU3OTdBMjdCREIyQjgQABoNCOGdy7EGEgUI6AcQAEIASgA HTTP 307
• https://pippio.com/api/sync?pid=5324&it=1&iv=069efea2ebf7b2992ddd4f3443e59decbe6789927cf17166b4601880d259e1c1791426b5417dce21&_=2 HTTP 307
• https://px.ads.linkedin.com/db_sync?pid=10339&puuid=069efea2ebf7b2992ddd4f3443e59decbe6789927cf17166b4601880d259e1c1791426b5417dce21&rand=05791267 HTTP 302
• https://px.ads.linkedin.com/db_sync?pid=10339&puuid=069efea2ebf7b2992ddd4f3443e59decbe6789927cf17166b4601880d259e1c1791426b5417dce21&rand=05791267&expected_cookie=aec68f10-14f4-474f-bbec-41f5a8e0c1cd

Request Chain 57

• https://www.googleadservices.com/pagead/conversion/1026675585/?random=1714605792812&cv=7&fst=1714605792812&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=696630133&cv=7&fst=1714605792812&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI_uPhqczthQMVLZJaBR1nVwz0MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Hmh0dHBzOi8vZ29vZ2xlLjMyNGNyZWF0aXZlLnVzLw HTTP 302
• https://www.google.com/pagead/1p-conversion/1026675585/?random=696630133&cv=7&fst=1714605792812&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI_uPhqczthQMVLZJaBR1nVwz0MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Hmh0dHBzOi8vZ29vZ2xlLjMyNGNyZWF0aXZlLnVzLw&is_vtc=1&cid=CAQSKQB7FLtqQL9pjrubAK0O0ws7Uk6EWPK0LjmfmK8EZGplXodkXrA05Jaq&random=1690224595

Request Chain 59

• https://um.simpli.fi/an HTTP 302
• https://ib.adnxs.com/setuid?entity=66&code=CBAED9DDB03D4881AFE5797A27BDB2B8

Request Chain 60

• https://um.simpli.fi/rb_match HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=CBAED9DDB03D4881AFE5797A27BDB2B8&expires=365

Request Chain 61

• https://um.simpli.fi/ox_match HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072966&val=CBAED9DDB03D4881AFE5797A27BDB2B8 HTTP 302
• https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=CBAED9DDB03D4881AFE5797A27BDB2B8

Request Chain 62

• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
• https://um.simpli.fi/g_match?id=&google_gid=CAESEIJKCJqhrXZ0L7RUWaFtl0o&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CBAED9DDB03D4881AFE5797A27BDB2B8 HTTP 302
• https://um.simpli.fi/g_match?id=

Request Chain 76

• https://secure.gravatar.com/avatar/ff1b842b0ec0f02f9734e8811208fc9f?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png HTTP 302
• https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1

Request Chain 77

• https://secure.gravatar.com/avatar/077da51d22303a902560ab7a3c48ef49?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png HTTP 302
• https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1

Request Chain 78

• https://secure.gravatar.com/avatar/3aeca28a9030b81e7faee86b5aad4253?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png HTTP 302
• https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1

Request Chain 79

• https://secure.gravatar.com/avatar/38761515e2d1db6d0e12c2fa2d4d7d7a?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png HTTP 302
• https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1

Request Chain 80

• https://secure.gravatar.com/avatar/0a621882dac13bdb48bb2091ec66764a?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png HTTP 302
• https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1

Request Chain 81

• https://secure.gravatar.com/avatar/2072491ead69daa0d0a720d546eb692d?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png HTTP 302
• https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1

Request Chain 82

• https://secure.gravatar.com/avatar/980501b0dd8bf3076b66ac80dd0aa713?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png HTTP 302
• https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1

Request Chain 83

• https://secure.gravatar.com/avatar/fd22c15585c352e31a15210f7e774310?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png HTTP 302
• https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1

Request Chain 84

• https://secure.gravatar.com/avatar/3b483767e3aea972ad2fa7c50611123d?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png HTTP 302
• https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1

Request Chain 85

• https://secure.gravatar.com/avatar/970d91a3e3820a7c8d39f202e98f0f3f?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png HTTP 302
• https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response google.324creative.us/	38 KB 10 KB	453ms 101ms	Document text/html	173.231.206.255 INMOTION
General Check archive.org Show headers Download Go to Full URL https://google.324creative.us/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.231.206.255 , United States, ASN22611 (INMOTION, US), Reverse DNS vps49481.inmotionhosting.com Software nginx/1.25.3 / Resource Hash 4a301caf8e3b07d301a1bd428864681df9e0745f64f4b2e9464f98da37b79b56 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 9997 content-type text/html; charset=UTF-8 date Wed, 01 May 2024 23:23:10 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx/1.25.3 vary Accept-Encoding,User-Agent x-content-type-options nosniff x-proxy-cache MISS x-ua-compatible IE=edge
GET H2	200	style.min.css google.324creative.us/style/	26 KB 6 KB	99ms 93ms	Stylesheet text/css	173.231.206.255 INMOTION
General Check archive.org Show headers Download Go to Full URL https://google.324creative.us/style/style.min.css Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.231.206.255 , United States, ASN22611 (INMOTION, US), Reverse DNS vps49481.inmotionhosting.com Software nginx/1.25.3 / Resource Hash 0c6fee8910a1fe8ec33f0b678b57b14af96db5901f4904f43b96324a6a337b08 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:10 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 30 Apr 2024 00:26:52 GMT server nginx/1.25.3 vary Accept-Encoding,User-Agent content-type text/css; charset=utf-8 accept-ranges bytes content-length 5801 x-proxy-cache HIT
GET H2	200	temp.css google.324creative.us/style/	585 B 436 B	100ms 95ms	Stylesheet text/css	173.231.206.255 INMOTION
General Check archive.org Show headers Download Go to Full URL https://google.324creative.us/style/temp.css Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.231.206.255 , United States, ASN22611 (INMOTION, US), Reverse DNS vps49481.inmotionhosting.com Software nginx/1.25.3 / Resource Hash 9bf6d4d16ad914427797600a18a4ae106e9a5c06494c597e55922a53e8e3b1dc Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:10 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 22 Apr 2024 17:43:42 GMT server nginx/1.25.3 vary Accept-Encoding,User-Agent content-type text/css; charset=utf-8 accept-ranges bytes content-length 225 x-proxy-cache HIT
GET H2	200	9ecac75f58.js Show response use.fontawesome.com/	4 KB 2 KB	161ms 46ms	Script text/javascript	2606:4700:3037::ac43:8ef5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/9ecac75f58.js Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 05e69d7d864c94a2b2c66c4176cd985cec4f32237c18b1c6c0db251d6a77d858 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:10 GMT content-encoding br cf-cache-status HIT last-modified Fri, 22 Sep 2023 01:11:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 440 etag W/"d03e28c9dd3611afd8e8b0c22ba383c7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0fYfAzoJQhgtZnObDKKmcybyfbY1l2K6BuU5Q4isGa7qRprE6Rf63hWMc7zk6S9AKETehKJmWWUJXxVUg6aRpejJw6XL505yBDX0mLkm1wmA%2FqulNsZctUKFpDKBXlmM%2BbiIYgPepaVee4DZwWAfIVue"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=1800 cf-ray 87d3848fce5d370a-MIA alt-svc h3=":443"; ma=86400
GET H2	200	Care_Dentistry_Group.js Show response tag.brandcdn.com/autoscript/caredentistrygroup_vfdwuk1vovvuwg89/	1 KB 2 KB	267ms 67ms	Script text/javascript	2600:9000:266a:7400:7:e536:8b00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tag.brandcdn.com/autoscript/caredentistrygroup_vfdwuk1vovvuwg89/Care_Dentistry_Group.js Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266a:7400:7:e536:8b00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 30b075ed3164b0854068c153d25db6b3cdba4d893d98156db112f11f21e2eb15 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id NT3vv2NJXhW_1TY7ouEaN.KKTyRzA4HH date Wed, 01 May 2024 11:00:50 GMT via 1.1 e774c9e3b514be02964a99136a6cdfda.cloudfront.net (CloudFront) last-modified Wed, 15 Feb 2023 17:40:36 GMT server AmazonS3 x-amz-cf-pop JFK52-P5 age 44541 x-amz-server-side-encryption AES256 etag "0438efb34b6ed8b7d2b96d007270aa35" x-cache Hit from cloudfront content-type text/javascript x-amz-replication-status COMPLETED accept-ranges bytes content-length 1293 x-amz-cf-id cNabLh6i8yBxJpks1tpUPomMADyNJ7icWh38-vNjRBaX-FkY60O4iw==
GET H2	200	Orthodontist-of-Cerritos-White.svg google.324creative.us/img/	18 KB 6 KB	189ms 186ms	Image image/svg+xml	173.231.206.255 INMOTION
General Check archive.org Show headers Download Go to Show image Full URL https://google.324creative.us/img/Orthodontist-of-Cerritos-White.svg Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.231.206.255 , United States, ASN22611 (INMOTION, US), Reverse DNS vps49481.inmotionhosting.com Software nginx/1.25.3 / Resource Hash b2a2290ce08524acfeb22104d5eb9102b2f0a59e7f9715c64f7a63b4dd68ec90 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:10 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 22 Apr 2024 17:43:42 GMT server nginx/1.25.3 vary Accept-Encoding,User-Agent content-type image/svg+xml accept-ranges bytes content-length 5520 x-proxy-cache HIT
GET H2	200	icon-mobile-bars.svg google.324creative.us/img/icons/	994 B 705 B	190ms 188ms	Image image/svg+xml	173.231.206.255 INMOTION
General Check archive.org Show headers Download Go to Show image Full URL https://google.324creative.us/img/icons/icon-mobile-bars.svg Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.231.206.255 , United States, ASN22611 (INMOTION, US), Reverse DNS vps49481.inmotionhosting.com Software nginx/1.25.3 / Resource Hash b40689c19ed7c9032d17f0e669af57155735da2cd39642c7fc28ba99fc47e44b Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:10 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 22 Apr 2024 17:43:42 GMT server nginx/1.25.3 vary Accept-Encoding,User-Agent content-type image/svg+xml accept-ranges bytes content-length 500 x-proxy-cache HIT
GET H2	200	icon-nav-dropdown.svg google.324creative.us/img/icons/	696 B 665 B	105ms 94ms	Image image/svg+xml	173.231.206.255 INMOTION
General Check archive.org Show headers Download Go to Show image Full URL https://google.324creative.us/img/icons/icon-nav-dropdown.svg Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.231.206.255 , United States, ASN22611 (INMOTION, US), Reverse DNS vps49481.inmotionhosting.com Software nginx/1.25.3 / Resource Hash ab8985742e9f26f0d6fb1e9b8794e7e57d422793a597d3c681e56621b4093716 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:10 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 22 Apr 2024 17:43:42 GMT server nginx/1.25.3 vary Accept-Encoding,User-Agent content-type image/svg+xml accept-ranges bytes content-length 460 x-proxy-cache HIT
GET H2	200	orthodontist-of-cerritos.jpg google.324creative.us/img/banners/	314 KB 314 KB	105ms 95ms	Image image/jpeg	173.231.206.255 INMOTION
General Check archive.org Show headers Download Go to Show image Full URL https://google.324creative.us/img/banners/orthodontist-of-cerritos.jpg Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.231.206.255 , United States, ASN22611 (INMOTION, US), Reverse DNS vps49481.inmotionhosting.com Software nginx/1.25.3 / Resource Hash b16d4635b025591a10bacbafc9ea3e713148201657b7a17cc8533ee05c49d338 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:10 GMT x-content-type-options nosniff last-modified Mon, 22 Apr 2024 17:43:42 GMT server nginx/1.25.3 content-type image/jpeg accept-ranges bytes content-length 321082 x-proxy-cache HIT
GET H2	200	orthodontist-of-cerritos.jpg google.324creative.us/img/banners/mobile/	220 KB 220 KB	199ms 190ms	Image image/jpeg	173.231.206.255 INMOTION
General Check archive.org Show headers Download Go to Show image Full URL https://google.324creative.us/img/banners/mobile/orthodontist-of-cerritos.jpg Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.231.206.255 , United States, ASN22611 (INMOTION, US), Reverse DNS vps49481.inmotionhosting.com Software nginx/1.25.3 / Resource Hash 43598024c6fb9430e846cee66e9eb95946370d625a10606f26fe03e4f92ae835 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:10 GMT x-content-type-options nosniff last-modified Mon, 22 Apr 2024 17:43:42 GMT server nginx/1.25.3 content-type image/jpeg accept-ranges bytes content-length 225172 x-proxy-cache HIT
GET H2	200	invisalign-top-1-percent-provider.svg google.324creative.us/img/home/	19 KB 7 KB	197ms 192ms	Image image/svg+xml	173.231.206.255 INMOTION
General Check archive.org Show headers Download Go to Show image Full URL https://google.324creative.us/img/home/invisalign-top-1-percent-provider.svg Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.231.206.255 , United States, ASN22611 (INMOTION, US), Reverse DNS vps49481.inmotionhosting.com Software nginx/1.25.3 / Resource Hash 8f835cbd9282070e7b47d48677f391bdaf0716d4dd3b78d67a6a8c500ad89c1f Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:10 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 22 Apr 2024 17:43:42 GMT server nginx/1.25.3 vary Accept-Encoding,User-Agent content-type image/svg+xml accept-ranges bytes content-length 6718 x-proxy-cache HIT
GET H2	200	orthodontist-in-cerritos-ca.jpg google.324creative.us/img/home/	342 KB 342 KB	197ms 192ms	Image image/jpeg	173.231.206.255 INMOTION
General Check archive.org Show headers Download Go to Show image Full URL https://google.324creative.us/img/home/orthodontist-in-cerritos-ca.jpg Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.231.206.255 , United States, ASN22611 (INMOTION, US), Reverse DNS vps49481.inmotionhosting.com Software nginx/1.25.3 / Resource Hash 72d1526001c7f71f2a8858b8c507673a9379714ba679a04a74a7eb6521d1c4a8 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:10 GMT x-content-type-options nosniff last-modified Mon, 22 Apr 2024 17:43:42 GMT server nginx/1.25.3 content-type image/jpeg accept-ranges bytes content-length 349953 x-proxy-cache HIT
GET H2	200	in-house-insurance-membership-plan-orthodontist-of-cerritos-ca.jpg google.324creative.us/shared/dental-hq-membership/	236 KB 236 KB	197ms 193ms	Image image/jpeg	173.231.206.255 INMOTION
General Check archive.org Show headers Download Go to Show image Full URL https://google.324creative.us/shared/dental-hq-membership/in-house-insurance-membership-plan-orthodontist-of-cerritos-ca.jpg Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.231.206.255 , United States, ASN22611 (INMOTION, US), Reverse DNS vps49481.inmotionhosting.com Software nginx/1.25.3 / Resource Hash 6f625d329cfd36b13633be38d106d9abcaabfdfb0f0d03a898d30a2834219643 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:10 GMT x-content-type-options nosniff last-modified Mon, 22 Apr 2024 17:43:42 GMT server nginx/1.25.3 content-type image/jpeg accept-ranges bytes content-length 241428 x-proxy-cache HIT
GET H2	200	jquery-3.5.1.min.js Show response google.324creative.us/scripts/	87 KB 30 KB	200ms 190ms	Script text/javascript	173.231.206.255 INMOTION
General Check archive.org Show headers Download Go to Full URL https://google.324creative.us/scripts/jquery-3.5.1.min.js Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.231.206.255 , United States, ASN22611 (INMOTION, US), Reverse DNS vps49481.inmotionhosting.com Software nginx/1.25.3 / Resource Hash f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:10 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 22 Apr 2024 17:43:42 GMT server nginx/1.25.3 vary Accept-Encoding,User-Agent content-type text/javascript; charset=utf-8 accept-ranges bytes content-length 30916 x-proxy-cache HIT
GET H3	200	jquery.modal.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/	5 KB 2 KB	99ms 43ms	Script application/javascript	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1174390 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1399 last-modified Mon, 04 May 2020 16:11:46 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec2-1359" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=awNoMdoexL0%2F6TD8RjTF32NjMqUe9PdUgHLHKAmpSBlfhwCbCbEGZ1V8vb7QXjAtZ%2BxREkMOQSDPk7FAtV15EkV1wWx%2FjX%2BwvuUEbtU%2FxyJizP9CExJCrlG4MWoYt3FaLfLQdYKK"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 87d3848f68d2da67-MIA expires Mon, 21 Apr 2025 23:23:10 GMT
GET H3	200	jquery.modal.min.css cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/	3 KB 2 KB	100ms 45ms	Stylesheet text/css	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 5553992 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1541 last-modified Mon, 04 May 2020 16:11:46 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec2-c81" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Czv6XsXa9IZEsf9K4nYyQTU%2F6zKO5IdkgKJfmtFwgFjCN9W7FkUNH3hLHeiXttgT8yCAORnqPH%2BWxq8mMZ3kLOcLmWtLsIBCosi%2FwOOsL0%2F10UrVEMQZxEYMjrFXmY1exLoqyoZ%2F"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 87d3848f68d4da67-MIA expires Mon, 21 Apr 2025 23:23:10 GMT
GET H2	200	ubo1ohk.css use.typekit.net/	9 KB 1 KB	375ms 128ms	Stylesheet text/css	2600:141b:f000:3::17c8:3f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/ubo1ohk.css Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:f000:3::17c8:3f Edison, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 7c8689346612f21fe0c0aaa84a7459173608ae31249cf7654b9e996fd3bf292b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip date Wed, 01 May 2024 23:23:10 GMT server nginx vary Accept-Encoding content-type text/css;charset=utf-8 access-control-allow-origin * cache-control private, max-age=600, stale-while-revalidate=604800 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 1103
GET H2	200	jquery-ui.css ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/ui-lightness/	36 KB 9 KB	212ms 64ms	Stylesheet text/css	2607:f8b0:4006:823::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/ui-lightness/jquery-ui.css Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 722982f556e40891116448de1b410edf8d448ed51e4d3ee00081a8d9e1dd72bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 29 Apr 2024 22:14:41 GMT content-encoding gzip x-content-type-options nosniff age 176909 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8593 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 29 Apr 2025 22:14:41 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.1.1/	85 KB 30 KB	291ms 147ms	Script text/javascript	2607:f8b0:4006:823::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 30 Apr 2024 01:34:34 GMT content-encoding gzip x-content-type-options nosniff age 164916 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30244 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 30 Apr 2025 01:34:34 GMT
GET H2	200	jquery-ui.min.js Show response ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/	248 KB 67 KB	217ms 73ms	Script text/javascript	2607:f8b0:4006:823::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 13:35:52 GMT content-encoding gzip x-content-type-options nosniff age 467238 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 67948 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 26 Apr 2025 13:35:52 GMT
GET H2	200	dental-hq-membership.css google.324creative.us/shared/dental-hq-membership/	2 KB 836 B	197ms 191ms	Stylesheet text/css	173.231.206.255 INMOTION
General Check archive.org Show headers Download Go to Full URL https://google.324creative.us/shared/dental-hq-membership/dental-hq-membership.css Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.231.206.255 , United States, ASN22611 (INMOTION, US), Reverse DNS vps49481.inmotionhosting.com Software nginx/1.25.3 / Resource Hash 9219cdfe0c3aa1921ab89c73e295745857f46f79398aace80cbfcfa9e635af53 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:10 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 22 Apr 2024 17:43:42 GMT server nginx/1.25.3 vary Accept-Encoding,User-Agent content-type text/css; charset=utf-8 accept-ranges bytes content-length 625 x-proxy-cache HIT
GET H2	200	gtm.js Show response www.googletagmanager.com/	260 KB 88 KB	250ms 105ms	Script application/javascript	2607:f8b0:4006:817::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-P3DPZJN Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c7d6914ff29c0537d75c22bf35fb09eb7470499232623615a7f247868ee7a89f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:10 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 90110 x-xss-protection 0 last-modified Wed, 01 May 2024 21:31:25 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 01 May 2024 23:23:10 GMT
GET H2	200	cv_pixel.js Show response adservices.brandcdn.com/pixel/	2 KB 1 KB	398ms 100ms	Script text/javascript	54.183.115.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adservices.brandcdn.com/pixel/cv_pixel.js Requested by Host: tag.brandcdn.com URL: https://tag.brandcdn.com/autoscript/caredentistrygroup_vfdwuk1vovvuwg89/Care_Dentistry_Group.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.183.115.107 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-183-115-107.us-west-1.compute.amazonaws.com Software Apache/2.4.52 (Ubuntu) / Resource Hash bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:11 GMT content-encoding gzip last-modified Fri, 21 Apr 2023 11:03:33 GMT server Apache/2.4.52 (Ubuntu) etag "613-5f9d69bae4944-gzip" vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 745
GET H/1.1	200 OK	iframe d1eoo1tco6rr5e.cloudfront.net/u6r6c6k/j57eunk/ Frame 4FBC Redirect Chain https://insight.adsrvr.org/tags/u6r6c6k/j57eunk/iframe https://d1eoo1tco6rr5e.cloudfront.net/u6r6c6k/j57eunk/iframe	0 0	202ms 59ms	Document text/html	13.226.29.201 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1eoo1tco6rr5e.cloudfront.net/u6r6c6k/j57eunk/iframe Requested by Host: tag.brandcdn.com URL: https://tag.brandcdn.com/autoscript/caredentistrygroup_vfdwuk1vovvuwg89/Care_Dentistry_Group.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.226.29.201 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-29-201.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Accept-Ranges bytes Age 5167 Cache-Control max-age=86400 Connection keep-alive Content-Length 138 Content-Type text/html Date Wed, 01 May 2024 21:57:05 GMT ETag "95ba934fac3fe0210ca25306d114c7e3" Last-Modified Wed, 09 Mar 2022 15:55:17 GMT Server AmazonS3 Via 1.1 58138fe3ecbee18734b57632af81590a.cloudfront.net (CloudFront) X-Amz-Cf-Id P_8Q2j9RAFCo-xXaPfLDPPrJfHNZG4UF4HrKTwiu64JmH2TlQch5Ag== X-Amz-Cf-Pop EWR53-C2 X-Cache Hit from cloudfront x-amz-server-side-encryption AES256 Redirect headers content-length 0 date Wed, 01 May 2024 23:23:10 GMT location https://d1eoo1tco6rr5e.cloudfront.net/u6r6c6k/j57eunk/iframe
GET H2	200	5747ce40-97f4-013a-c77f-06a60fe5fe77 Show response tag.simpli.fi/sifitag/	3 KB 2 KB	199ms 58ms	Script application/javascript	34.86.70.109 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://tag.simpli.fi/sifitag/5747ce40-97f4-013a-c77f-06a60fe5fe77 Requested by Host: tag.brandcdn.com URL: https://tag.brandcdn.com/autoscript/caredentistrygroup_vfdwuk1vovvuwg89/Care_Dentistry_Group.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 109.70.86.34.bc.googleusercontent.com Software openresty / Resource Hash 1e086c80d552293cec1ac54c34c3c98e0b7872faa32578c918cf4325cad59602 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Wed, 01 May 2024 23:23:10 GMT content-encoding gzip server openresty vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 x-request-id F8uA4efzeQlt4G0vM70B expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	generic match.adsrvr.org/track/cmf/ Redirect Chain https://insight.adsrvr.org/track/conv/?adv=u6r6c6k&ct=0:98dtxj3&fmt=3 https://dpm.demdex.net/ibs:dpid=903&dpuuid=7c014fab-f597-46e2-9f91-ac0347b17799&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=7c014fab-f597-46e2-9f91-ac0347b17799&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=7c014fab-f597-46e2-9f91-ac0347b17799 https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D7c014fab-f597-46e2-9f91-ac0347b17799 https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5341160768746371785&ttd_tdid=7c014fab-f597-46e2-9f91-ac0347b17799 https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7c014fab-f597-46e2-9f91-ac0347b17799&partner_url=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dtapad https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1830&partner_device_id=7c014fab-f597-46e2-9f91-ac0347b17799&partner_url=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3... https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D1f7aa153-1410-4976-9b33-c88e93c982c9%252Chttps%2525... https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5341160768746371785&pt=1f7aa153-1410-4976-9b33-c88e93c982c9%2Chttps%253A%252F%252Fmatch.adsrvr.org%252Ftrack%252Fcmf%... https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad	70 B 498 B	59ms 57ms	Image image/gif	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H2 Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Wed, 01 May 2024 23:23:12 GMT server Kestrel content-length 70 content-type image/gif Redirect headers date Wed, 01 May 2024 23:23:12 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" access-control-allow-origin * location https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	receive pixel.tapad.com/idsync/ex/ Redirect Chain https://insight.adsrvr.org/track/evnt/?adv=u6r6c6k&ct=0:j57eunk&fmt=3 https://dpm.demdex.net/ibs:dpid=903&dpuuid=d51415cf-ca33-4ae3-b3aa-3a433ecbc526&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=d51415cf-ca33-4ae3-b3aa-3a433ecbc526&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=N2MwMTRmYWItZjU5Ny00NmUyLTlmOTEtYWMwMzQ3YjE3Nzk5&gdpr=0&gdpr_consent=&ttd_tdid=7c014fab-f597-46e2-9f91-ac034... https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=N2MwMTRmYWItZjU5Ny00NmUyLTlmOTEtYWMwMzQ3YjE3Nzk5&gdpr=0&gdpr_consent=&ttd_tdid=7c014fab-f597-46e2-9f91-ac0... https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=7c014fab-f597-46e2-9f91-ac0347b17799&google_gid=CAESEASiJwqpjO_FFDztYg_JsMA&google_cver=1 https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7c014fab-f597-46e2-9f91-ac0347b17799&partner_url=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dtapad https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1830&partner_device_id=7c014fab-f597-46e2-9f91-ac0347b17799&partner_url=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3... https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D5915cd1e-fe76-44cb-8464-792b955fb637%252Chttps%2525... https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5341160768746371785&pt=5915cd1e-fe76-44cb-8464-792b955fb637%2Chttps%253A%252F%252Fmatch.adsrvr.org%252Ftrack%252Fcmf%... https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7c014fab-f597-46e2-9f91-ac0347b17799&ttd_puid= https://dpm.demdex.net/ibs:dpid=540&dpuuid=5915cd1e-fe76-44cb-8464-792b955fb637&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D... https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=31686272508613285602122406218722007355&pt=5915cd1e-fe76-44cb-8464-792b955fb637%2C%2C	95 B 124 B	52ms 52ms	Image image/png	34.111.113.62 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=31686272508613285602122406218722007355&pt=5915cd1e-fe76-44cb-8464-792b955fb637%2C%2C Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H3 Server 34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 62.113.111.34.bc.googleusercontent.com Software Jetty(11.0.13) / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Wed, 01 May 2024 23:23:12 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) content-type image/png access-control-allow-origin * p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 Redirect headers dcs dcs-prod-va6-2-v059-05484fc6f.edge-va6.demdex.com 3 ms pragma no-cache date Wed, 01 May 2024 23:23:12 GMT strict-transport-security max-age=31536000; includeSubDomains x-tid 4ptDA/53RTo= p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" location https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=31686272508613285602122406218722007355&pt=5915cd1e-fe76-44cb-8464-792b955fb637%2C%2C cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 0 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	webfontloader.js Show response use.fontawesome.com/webfontloader/1.6.24/	12 KB 5 KB	48ms 44ms	Script application/x-javascript	2606:4700:3037::ac43:8ef5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/webfontloader/1.6.24/webfontloader.js Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/9ecac75f58.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:10 GMT content-encoding br cf-cache-status HIT last-modified Fri, 22 Sep 2023 01:46:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5526 etag W/"9064ce12d2c81f68123c93bc1a8b0cad" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pLyHkm%2BF%2Fn4CF6FZDYI7g2hdOSCWTOQ6iy4e6Ict0X7FNLupwoy1dah5mwz69UWyDqnu4p5DxlKzb%2BEsmfkZBxRwU1Kh8cBf%2FUd%2Fe%2FhyTN8nh0Z63g4WtpCb3OJfXKsRiW3IhK5h3%2FytJchUOyWnBURf"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=31556926 cf-ray 87d384902ee8370a-MIA alt-svc h3=":443"; ma=86400
GET H2	200	orthodontist-cerritos-ca.jpg google.324creative.us/img/home/	447 KB 448 KB	210ms 208ms	Image image/jpeg	173.231.206.255 INMOTION
General Check archive.org Show headers Download Go to Show image Full URL https://google.324creative.us/img/home/orthodontist-cerritos-ca.jpg Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.231.206.255 , United States, ASN22611 (INMOTION, US), Reverse DNS vps49481.inmotionhosting.com Software nginx/1.25.3 / Resource Hash 12444d0d6914608f75faa7a9063cb6a6b92174dc52e1ae22b57187916954b268 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:10 GMT x-content-type-options nosniff last-modified Mon, 22 Apr 2024 17:43:42 GMT server nginx/1.25.3 content-type image/jpeg accept-ranges bytes content-length 457609 x-proxy-cache HIT
GET H2	200	9ecac75f58.css use.fontawesome.com/	1 KB 683 B	47ms 47ms	Stylesheet text/css	2606:4700:3037::ac43:8ef5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/9ecac75f58.css Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/webfontloader/1.6.24/webfontloader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 035a3a8fffa99a5380a2479b22ec79cb95100bc7c42d85af314ab955ae5eff53 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:10 GMT content-encoding br cf-cache-status HIT last-modified Fri, 22 Sep 2023 01:11:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2997 etag W/"05946a1ad47abd1bab24c922f4cce375" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MOf%2B0tugNSdVJBM6sDm%2BU8XVFroVOPZGUcYqaKlO4aiemU8SQhotLm2cG%2FBvY9l6M5Jq8pw58bwJEsbERsew%2BlOn43RGYl7kDQCUfskmFHYiDXHfjl1Stes1EettVrcW50tLqw5U4BUS05RonN3DB2On"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=1800 cf-ray 87d38490af72370a-MIA alt-svc h3=":443"; ma=86400
GET H2	200	font-awesome-css.min.css use.fontawesome.com/releases/v4.6.3/css/	28 KB 7 KB	44ms 43ms	Stylesheet text/css	2606:4700:3037::ac43:8ef5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v4.6.3/css/font-awesome-css.min.css Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/9ecac75f58.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61f7de13520a14ec37ba246b4846f5850ab87ffbc0d5b366709509c1d97d83b5 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://use.fontawesome.com/9ecac75f58.css Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:10 GMT content-encoding br cf-cache-status HIT last-modified Fri, 22 Sep 2023 01:44:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 182345 etag W/"7937bc10f6c59ceed1ff6e6bbebfcd8d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TT9PA8wsF2F61wL6h2S%2FeKXhpTwaWY%2FH0%2FsSvJt%2FgqfWONw1NicB4P2newRBEINdZInevg8fgTrjN2ZynDmsNXmFxGt3J3QgxTbhvjmRDSFKtrRcz60MpYi1NSU5LSxqDOYFRg945sX109gXEztmaaHW"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31556926 cf-ray 87d38490ffd9370a-MIA alt-svc h3=":443"; ma=86400
GET H2	200	fontawesome-webfont.woff2 use.fontawesome.com/releases/v4.6.3/fonts/	70 KB 71 KB	110ms 42ms	Font application/octet-stream	2606:4700:3037::ac43:8ef5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v4.6.3/fonts/fontawesome-webfont.woff2 Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/9ecac75f58.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://use.fontawesome.com/9ecac75f58.css Origin https://google.324creative.us Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:11 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2997 alt-svc h3=":443"; ma=86400 content-length 71896 last-modified Fri, 22 Sep 2023 01:44:05 GMT server cloudflare etag "e6cf7c6ec7c2d6f670ae9d762604cb0b" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tsKArF68k%2BhYWoXMWL36r%2FQP2p2R8bYhziRtTOuo002hY5piabgyLDETX%2BWoVaIDlFQFomsjIyt3RHS6Ii1fZHv5WmTubOie8BMFrbhz%2F9k6JNtB6mcaEWw7iU%2B1SAjGNxMbftvFI96Nl1uPnXbitGMA"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 87d38491f841288a-MIA
GET H2	200	p.css p.typekit.net/	5 B 172 B	305ms 74ms	Stylesheet text/css	2600:141b:f000:3::17c8:31 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://p.typekit.net/p.css?s=1&k=ubo1ohk&ht=tk&f=137.139.169.175.5474.25136.676.677.678.679.34380.34383.34384&a=13003564&app=typekit&e=css Requested by Host: use.typekit.net URL: https://use.typekit.net/ubo1ohk.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:f000:3::17c8:31 Edison, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://use.typekit.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:11 GMT last-modified Sun, 10 Mar 2024 12:44:13 GMT server nginx etag "65edab1d-5" content-type text/css access-control-allow-origin * cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 5
GET H2	200	l use.typekit.net/af/0758f3/000000000000000077359583/30/	33 KB 33 KB	267ms 68ms	Font application/font-woff2	2600:141b:f000:3::17c8:3f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/0758f3/000000000000000077359583/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/ubo1ohk.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:f000:3::17c8:3f Edison, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash ab420c3f3810dd894b09365878372b993ddb6b5734e8679f9f1ad508b69e2b10 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://use.typekit.net/ubo1ohk.css Origin https://google.324creative.us Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:11 GMT server nginx etag "ca1c030b2d0c95d3891a4d7f531e150dad96eeac" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 33292
GET H2	200	l use.typekit.net/af/56b0cd/00000000000000007735957d/30/	34 KB 34 KB	276ms 78ms	Font application/font-woff2	2600:141b:f000:3::17c8:3f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/56b0cd/00000000000000007735957d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/ubo1ohk.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:f000:3::17c8:3f Edison, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 3be30c09a4c2a44586ae9710ad7c61e5b9e57ba9d24935ad3e6f61aca28b9b06 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://use.typekit.net/ubo1ohk.css Origin https://google.324creative.us Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:11 GMT server nginx etag "efd2a4eb0e71949802f825497dfc78423b4eaac3" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 34328
GET H2	200	l use.typekit.net/af/01a221/000000000000000077359762/30/	21 KB 21 KB	342ms 144ms	Font application/font-woff2	2600:141b:f000:3::17c8:3f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/01a221/000000000000000077359762/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/ubo1ohk.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:f000:3::17c8:3f Edison, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash bcfc47fa3ae591cf7f79f42c9cb853aa8e60ed637a661fed9d90dc86ceb5e339 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://use.typekit.net/ubo1ohk.css Origin https://google.324creative.us Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:11 GMT server nginx etag "ef894874057e881a0fdae77b723220e59d9b979e" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 21180
GET H2	200	l use.typekit.net/af/0c45a9/00000000000000007735976c/30/	21 KB 21 KB	351ms 153ms	Font application/font-woff2	2600:141b:f000:3::17c8:3f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/0c45a9/00000000000000007735976c/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/ubo1ohk.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:f000:3::17c8:3f Edison, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash b0a830137126a730cc9c892513376407ccac990cf5b64d9c192b4593fd40aa78 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://use.typekit.net/ubo1ohk.css Origin https://google.324creative.us Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:11 GMT server nginx etag "5e9d9c9d8c7232d4db646210f7ddfc9addd2d61b" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 21576
GET H2	200	l use.typekit.net/af/98e3f6/000000000000000077359562/30/	33 KB 34 KB	332ms 135ms	Font application/font-woff2	2600:141b:f000:3::17c8:3f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/98e3f6/000000000000000077359562/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/ubo1ohk.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:f000:3::17c8:3f Edison, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash af3b3037b84be1ef0f0dfafc75bd30480c05ac2ccda8bee8c9188308a8b81221 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://use.typekit.net/ubo1ohk.css Origin https://google.324creative.us Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:11 GMT server nginx etag "27cd5d037b3d5bcc152de6c7fe0aa3098a381c24" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 34148
GET H2	200	l use.typekit.net/af/36e743/00000000000000007735976b/30/	21 KB 21 KB	397ms 200ms	Font application/font-woff2	2600:141b:f000:3::17c8:3f AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/36e743/00000000000000007735976b/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/ubo1ohk.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:f000:3::17c8:3f Edison, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 1f767f2f6b8c53261af6cd15e76354adae406d9e254de6ec01776fd9c85ff31a Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://use.typekit.net/ubo1ohk.css Origin https://google.324creative.us Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:11 GMT server nginx etag "1f0054f1d0c66d228cb96866827d84842fb2f3fb" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 21232
GET H2	200	p Show response i.simpli.fi/	803 B 765 B	69ms 56ms	Script application/javascript	34.86.70.109 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://i.simpli.fi/p?cid=362429&cb=sifi_att_1008910850._hp Requested by Host: tag.simpli.fi URL: https://tag.simpli.fi/sifitag/5747ce40-97f4-013a-c77f-06a60fe5fe77 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 109.70.86.34.bc.googleusercontent.com Software openresty / Resource Hash 78f5796840e0c2188aa78cd230cfe2c5c9255aaac194b6624265b1c93e40193c Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Wed, 01 May 2024 23:23:12 GMT content-encoding gzip server openresty vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	cv adservices.brandcdn.com/pixel/ Frame 7015	0 0	299ms 103ms	Document text/html	54.183.115.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adservices.brandcdn.com/pixel/cv?aid=245933&cv_ck=c0cebd7f-8963-4eb8-884f-577372a1219a&m=google.324creative.us&r= Requested by Host: adservices.brandcdn.com URL: https://adservices.brandcdn.com/pixel/cv_pixel.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.183.115.107 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-183-115-107.us-west-1.compute.amazonaws.com Software Apache/2.4.52 (Ubuntu) / Resource Hash Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes content-encoding gzip content-length 1137 content-location cv.html content-type text/html date Wed, 01 May 2024 23:23:13 GMT etag "1002-5f9d69bae4944;5f9d69bae4944 last-modified Fri, 21 Apr 2023 11:03:33 GMT server Apache/2.4.52 (Ubuntu) tcn choice vary negotiate,Accept-Encoding
GET H3	200	pixel capi.connatix.com/us/ Redirect Chain https://um.simpli.fi/smaato https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=CBAED9DDB03D4881AFE5797A27BDB2B8 https://capi.connatix.com/us/pixel?puid=92731bcf12&pId=48&gdpr=0&gdpr_consent=&us_privacy={usPrivacyString} https://capi.connatix.com/us/pixel?puid=92731bcf12&pId=48&gdpr=0&gdpr_consent=&us_privacy={usPrivacyString}&final=true	82 B 82 B	86ms 84ms	Image image/gif	172.64.146.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://capi.connatix.com/us/pixel?puid=92731bcf12&pId=48&gdpr=0&gdpr_consent=&us_privacy={usPrivacyString}&final=true Protocol H3 Server 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Wed, 01 May 2024 23:23:13 GMT cf-cache-status DYNAMIC server cloudflare surrogate-control no-cache, no-store, must-revalidate, max-age=0 vary Accept-Encoding content-type image/gif cache-control no-cache, no-store, must-revalidate, max-age=0 cf-ray 87d384a18b57741e-MIA access-control-allow-headers x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model alt-svc h3=":443"; ma=86400 Redirect headers date Wed, 01 May 2024 23:23:13 GMT cf-cache-status DYNAMIC server cloudflare location https://capi.connatix.com/us/pixel?puid=92731bcf12&pId=48&gdpr=0&gdpr_consent=&us_privacy={usPrivacyString}&final=true cache-control no-cache, no-store, must-revalidate, max-age=0 cf-ray 87d384a0fa8d741e-MIA access-control-allow-headers x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model content-length 0 alt-svc h3=":443"; ma=86400
GET H2	204	CBAED9DDB03D4881AFE5797A27BDB2B8 sync.1rx.io/usersync/simplifi/ Redirect Chain https://um.simpli.fi/nexxen https://sync.1rx.io/usersync/simplifi/CBAED9DDB03D4881AFE5797A27BDB2B8	0 99 B	197ms 59ms	Image text/plain	69.194.240.13 RHYTHMONE
General Check archive.org Show headers Download Go to Show image Full URL https://sync.1rx.io/usersync/simplifi/CBAED9DDB03D4881AFE5797A27BDB2B8 Protocol H2 Server 69.194.240.13 , United States, ASN26120 (RHYTHMONE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 01 May 2024 23:23:12 GMT cache-control no-store, no-cache, must-revalidate expires 0 Redirect headers date Wed, 01 May 2024 23:23:13 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://sync.1rx.io/usersync/simplifi/CBAED9DDB03D4881AFE5797A27BDB2B8 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 30 Apr 2024 23:23:13 GMT
GET H2	200	xuid eb2.3lift.com/ Redirect Chain https://um.simpli.fi/triplelift https://eb2.3lift.com/xuid?mid=7969&xuid=CBAED9DDB03D4881AFE5797A27BDB2B8&dongle=yf3 https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=CBAED9DDB03D4881AFE5797A27BDB2B8&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=	37 B 474 B	63ms 59ms	Image image/gif	35.71.139.29 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=CBAED9DDB03D4881AFE5797A27BDB2B8&dongle=yf3&gdpr=0&cmp_cs=&us_privacy= Protocol H2 Server 35.71.139.29 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afb83dd09526a6517.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers content-type image/gif date Wed, 01 May 2024 23:23:13 GMT cache-control no-cache, no-store, must-revalidate content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location /xuid?ld=1&mid=7969&xuid=CBAED9DDB03D4881AFE5797A27BDB2B8&dongle=yf3&gdpr=0&cmp_cs=&us_privacy= date Wed, 01 May 2024 23:23:13 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	sync simplifi.partners.tremorhub.com/ Redirect Chain https://um.simpli.fi/telaria_p https://simplifi.partners.tremorhub.com/sync?UISF=CBAED9DDB03D4881AFE5797A27BDB2B8	43 B 175 B	239ms 57ms	Image image/gif	2600:1f18:612b:4200:a7e:25a5:68ec:65d3 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://simplifi.partners.tremorhub.com/sync?UISF=CBAED9DDB03D4881AFE5797A27BDB2B8 Protocol H2 Server 2600:1f18:612b:4200:a7e:25a5:68ec:65d3 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Wed, 01 May 2024 23:23:13 GMT server nginx content-type image/gif Redirect headers date Wed, 01 May 2024 23:23:13 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://simplifi.partners.tremorhub.com/sync?UISF=CBAED9DDB03D4881AFE5797A27BDB2B8 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 30 Apr 2024 23:23:13 GMT
GET H3	200	receive pixel.tapad.com/idsync/ex/ Redirect Chain https://um.simpli.fi/tapad https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=CBAED9DDB03D4881AFE5797A27BDB2B8	95 B 124 B	53ms 51ms	Image image/png	34.111.113.62 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=CBAED9DDB03D4881AFE5797A27BDB2B8 Protocol H3 Server 34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 62.113.111.34.bc.googleusercontent.com Software Jetty(11.0.13) / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Wed, 01 May 2024 23:23:13 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) content-type image/png access-control-allow-origin * p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 Redirect headers date Wed, 01 May 2024 23:23:13 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=CBAED9DDB03D4881AFE5797A27BDB2B8 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 30 Apr 2024 23:23:13 GMT
GET H2	200	empty.gif um.simpli.fi/ Redirect Chain https://um.simpli.fi/ad_advisor https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=CBAED9DDB03D4881AFE5797A27BDB2B8 https://d.agkn.com/pixel/10751/?che=1714605793288&ip=38.132.118.75&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D213090604869013243629 https://um.simpli.fi/aa_px?sk=213090604869013243629 https://um.simpli.fi/empty.gif	43 B 361 B	58ms 54ms	Image image/gif	35.236.220.17 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/empty.gif Protocol H2 Server 35.236.220.17 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 17.220.236.35.bc.googleusercontent.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Wed, 01 May 2024 23:23:13 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 Redirect headers date Wed, 01 May 2024 23:23:13 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location /empty.gif access-control-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142
GET H2	200	ProfilesEngineServlet sync1.intentiq.com/profiles_engine/ Redirect Chain https://um.simpli.fi/intentiq https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=CBAED9DDB03D4881AFE5797A27BDB2B8 https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=CBAED9DDB03D4881AFE5797A27BDB2B8&ckls=true&ci=JFZBh6AlGA&nc=false&trid=123070010	43 B 1 KB	212ms 81ms	Image image/gif	18.164.96.91 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=CBAED9DDB03D4881AFE5797A27BDB2B8&ckls=true&ci=JFZBh6AlGA&nc=false&trid=123070010 Protocol H2 Server 18.164.96.91 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-91.jfk50.r.cloudfront.net Software / Resource Hash caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 01 May 2024 23:23:13 GMT via 1.1 0ac640943c2918c03a0350f4e8b083a8.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P5 x-cache Miss from cloudfront content-type image/gif p3p CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=86400 content-length 43 x-amz-cf-id HA_0uI9rxbXo4qb-LEaS2m0b5yKEMrUuexOISzQ7s_KoO1vjn3WIQg== expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Wed, 01 May 2024 23:23:13 GMT via 1.1 57a5349e40888d521545fc9b83f270a4.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P5 x-cache Miss from cloudfront p3p CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" location https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=CBAED9DDB03D4881AFE5797A27BDB2B8&ckls=true&ci=JFZBh6AlGA&nc=false&trid=123070010 content-type image/gif cache-control no-cache, no-store, must-revalidate patent https://www.almondnet.com/ip alt-svc h3=":443"; ma=86400 content-length 43 x-amz-cf-id ESmBFpfL7oczbU2DP327ZAXQ_z59IH_CuUWty8J4euR7Xgd5DksAww== expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Redirect Chain https://um.simpli.fi/pubmatic https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CBAED9DDB03D4881AFE5797A27BDB2B8	42 B 554 B	238ms 57ms	Image image/gif	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CBAED9DDB03D4881AFE5797A27BDB2B8 Protocol H2 Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Wed, 01 May 2024 23:23:12 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers date Wed, 01 May 2024 23:23:13 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CBAED9DDB03D4881AFE5797A27BDB2B8 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 30 Apr 2024 23:23:13 GMT
GET H/1.1	200	user-registering ads.stickyadstv.com/ Redirect Chain https://um.simpli.fi/freewheel https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=CBAED9DDB03D4881AFE5797A27BDB2B8	43 B 652 B	414ms 76ms	Image image/gif	63.251.28.234 FREEWHEEL
General Check archive.org Show headers Download Go to Show image Full URL https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=CBAED9DDB03D4881AFE5797A27BDB2B8 Protocol HTTP/1.1 Server 63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Pragma no-cache Date Wed, 01 May 2024 23:23:13 GMT Server nginx Transfer-Encoding chunked Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive x-sticky-vk 1714605793557035-246 Redirect headers date Wed, 01 May 2024 23:23:13 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=CBAED9DDB03D4881AFE5797A27BDB2B8 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 30 Apr 2024 23:23:13 GMT
GET H2	200	engine pbid.pro-market.net/ Redirect Chain https://um.simpli.fi/dtnx https://fei.pro-market.net/engine?du=24;csync=CBAED9DDB03D4881AFE5797A27BDB2B8;mimetype=img; https://fei.pro-market.net/engine?du=24;csync=CBAED9DDB03D4881AFE5797A27BDB2B8;mimetype=img;sr https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTE2MzczMDkxNzM5OTEwNjA4MTA= https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEC1PXIzkqXvYTwiCaG6mI4A&google_cver=1	43 B 398 B	88ms 77ms	Image image/gif	2600:1901:0:8eee:: GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEC1PXIzkqXvYTwiCaG6mI4A&google_cver=1 Protocol H2 Server 2600:1901:0:8eee:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 01 May 2024 23:23:13 GMT via 1.1 google server Apache-Coyote/1.1 anserver gapp1 p3p CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" access-control-allow-origin * content-type image/gif cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc clear content-length 43 expires Mon, 1 Jan 1990 0:0:0 GMT Redirect headers pragma no-cache date Wed, 01 May 2024 23:23:13 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEC1PXIzkqXvYTwiCaG6mI4A&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 315 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	/ loadm.exelator.com/load/ Redirect Chain https://um.simpli.fi/exelatem https://loadm.exelator.com/load/?p=204&g=2191&simid=CBAED9DDB03D4881AFE5797A27BDB2B8&j=0 https://loadm.exelator.com/load/?p=204&g=2191&simid=CBAED9DDB03D4881AFE5797A27BDB2B8&j=0&xl8blockcheck=1	0 746 B	59ms 59ms	Image text/plain	52.0.156.250 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://loadm.exelator.com/load/?p=204&g=2191&simid=CBAED9DDB03D4881AFE5797A27BDB2B8&j=0&xl8blockcheck=1 Protocol H2 Server 52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-0-156-250.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Wed, 01 May 2024 23:23:13 GMT cache-control no-cache access-control-allow-credentials true server nginx p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA Redirect headers date Wed, 01 May 2024 23:23:13 GMT server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA location https://loadm.exelator.com/load/?p=204&g=2191&simid=CBAED9DDB03D4881AFE5797A27BDB2B8&j=0&xl8blockcheck=1 content-type image/gif cache-control no-cache access-control-allow-credentials true content-length 0
GET H2	204	sync ups.analytics.yahoo.com/ups/55964/ Redirect Chain https://um.simpli.fi/yahoo https://ups.analytics.yahoo.com/ups/55964/sync?uid=CBAED9DDB03D4881AFE5797A27BDB2B8 https://ups.analytics.yahoo.com/ups/55964/sync?uid=CBAED9DDB03D4881AFE5797A27BDB2B8&verify=true	0 121 B	61ms 58ms	Image text/plain	3.225.218.10 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/55964/sync?uid=CBAED9DDB03D4881AFE5797A27BDB2B8&verify=true Protocol H2 Server 3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-225-218-10.compute-1.amazonaws.com Software ATS/9.1.10.112 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Wed, 01 May 2024 23:23:13 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.112 age 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers location https://ups.analytics.yahoo.com/ups/55964/sync?uid=CBAED9DDB03D4881AFE5797A27BDB2B8&verify=true date Wed, 01 May 2024 23:23:13 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.112 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H/1.1	204	sync sync.bfmio.com/ Redirect Chain https://um.simpli.fi/beachfront https://sync.bfmio.com/sync?pid=141&uid=CBAED9DDB03D4881AFE5797A27BDB2B8	0 421 B	352ms 56ms	Image text/plain	52.4.136.74 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.bfmio.com/sync?pid=141&uid=CBAED9DDB03D4881AFE5797A27BDB2B8 Protocol HTTP/1.1 Server 52.4.136.74 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-4-136-74.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Connection keep-alive Date Wed, 01 May 2024 23:23:12 GMT Redirect headers date Wed, 01 May 2024 23:23:13 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://sync.bfmio.com/sync?pid=141&uid=CBAED9DDB03D4881AFE5797A27BDB2B8 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 30 Apr 2024 23:23:13 GMT
GET H2	200	29931 stags.bluekai.com/site/ Redirect Chain https://um.simpli.fi/bluekai https://stags.bluekai.com/site/29931?id=CBAED9DDB03D4881AFE5797A27BDB2B8	62 B 395 B	380ms 146ms	Image image/gif	23.197.37.247 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stags.bluekai.com/site/29931?id=CBAED9DDB03D4881AFE5797A27BDB2B8 Protocol H2 Server 23.197.37.247 Edison, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-197-37-247.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" date Wed, 01 May 2024 23:23:13 GMT content-length 62 x-request-id e95a4ee0d84647b23a3bcb25df509cf0 content-type image/gif Redirect headers date Wed, 01 May 2024 23:23:13 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://stags.bluekai.com/site/29931?id=CBAED9DDB03D4881AFE5797A27BDB2B8 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 30 Apr 2024 23:23:13 GMT
GET H2	200	tpid=CBAED9DDB03D4881AFE5797A27BDB2B8 bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/ Redirect Chain https://um.simpli.fi/crwdcntrl https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=CBAED9DDB03D4881AFE5797A27BDB2B8 https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=CBAED9DDB03D4881AFE5797A27BDB2B8	49 B 544 B	68ms 68ms	Image image/gif	52.204.79.92 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=CBAED9DDB03D4881AFE5797A27BDB2B8 Protocol H2 Server 52.204.79.92 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-204-79-92.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 01 May 2024 23:23:13 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.40.8.189 content-length 49 expires 0 Redirect headers pragma no-cache date Wed, 01 May 2024 23:23:13 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=CBAED9DDB03D4881AFE5797A27BDB2B8 cache-control no-cache x-server 10.40.54.245 content-length 0 expires 0
GET H2	200	merge ce.lijit.com/ Redirect Chain https://um.simpli.fi/lj_match https://ce.lijit.com/merge?pid=2&3pid=CBAED9DDB03D4881AFE5797A27BDB2B8 https://ce.lijit.com/merge?pid=2&3pid=CBAED9DDB03D4881AFE5797A27BDB2B8&dnr=1	43 B 510 B	66ms 56ms	Image image/gif	107.20.88.0 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=2&3pid=CBAED9DDB03D4881AFE5797A27BDB2B8&dnr=1 Protocol H2 Server 107.20.88.0 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-20-88-0.compute-1.amazonaws.com Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 01 May 2024 23:23:13 GMT vary Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" content-type image/gif cache-control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 content-length 43 expires Fri, 20 Mar 2009 00:00:00 GMT Redirect headers pragma no-cache date Wed, 01 May 2024 23:23:13 GMT vary Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" location https://ce.lijit.com/merge?pid=2&3pid=CBAED9DDB03D4881AFE5797A27BDB2B8&dnr=1 cache-control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 content-length 0 expires Fri, 20 Mar 2009 00:00:00 GMT
GET H2	200	db_sync px.ads.linkedin.com/ Redirect Chain https://um.simpli.fi/liveramp_match https://idsync.rlcdn.com/419566.gif?partner_uid=CBAED9DDB03D4881AFE5797A27BDB2B8 https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogQ0JBRUQ5RERCMDNENDg4MUFGRTU3OTdBMjdCREIyQjgQABoNCOGdy7EGEgUI6AcQAEIASgA https://pippio.com/api/sync?pid=5324&it=1&iv=069efea2ebf7b2992ddd4f3443e59decbe6789927cf17166b4601880d259e1c1791426b5417dce21&_=2 https://px.ads.linkedin.com/db_sync?pid=10339&puuid=069efea2ebf7b2992ddd4f3443e59decbe6789927cf17166b4601880d259e1c1791426b5417dce21&rand=05791267 https://px.ads.linkedin.com/db_sync?pid=10339&puuid=069efea2ebf7b2992ddd4f3443e59decbe6789927cf17166b4601880d259e1c1791426b5417dce21&rand=05791267&expected_cookie=aec68f10-14f4-474f-bbec-41f5a8e0c1cd	0 143 B	79ms 79ms	Image text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/db_sync?pid=10339&puuid=069efea2ebf7b2992ddd4f3443e59decbe6789927cf17166b4601880d259e1c1791426b5417dce21&rand=05791267&expected_cookie=aec68f10-14f4-474f-bbec-41f5a8e0c1cd Protocol H2 Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Wed, 01 May 2024 23:23:13 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 38B3DD1F4B2B49E595FD3594C24BC45B Ref B: MIAEDGE1706 Ref C: 2024-05-01T23:23:13Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 x-li-proto http/2 content-length 0 x-li-uuid AAYXbMVGsaR2ObP1SD0gXQ== Redirect headers date Wed, 01 May 2024 23:23:13 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 5ACAD9B55FE845C795BB810BF1ED3FEA Ref B: MIAEDGE1706 Ref C: 2024-05-01T23:23:13Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 location /db_sync?pid=10339&puuid=069efea2ebf7b2992ddd4f3443e59decbe6789927cf17166b4601880d259e1c1791426b5417dce21&rand=05791267&expected_cookie=aec68f10-14f4-474f-bbec-41f5a8e0c1cd x-li-proto http/2 content-length 0 x-li-uuid AAYXbMVFP6cxiQ62zx+U0A==
GET H3	200	/ www.google.com/pagead/1p-conversion/1026675585/ Redirect Chain https://www.googleadservices.com/pagead/conversion/1026675585/?random=1714605792812&cv=7&fst=1714605792812&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=696630133&cv=7&fst=1714605792812&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&... https://www.google.com/pagead/1p-conversion/1026675585/?random=696630133&cv=7&fst=1714605792812&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiww...	42 B 64 B	250ms 86ms	Image image/gif	142.251.40.196 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-conversion/1026675585/?random=696630133&cv=7&fst=1714605792812&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI_uPhqczthQMVLZJaBR1nVwz0MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Hmh0dHBzOi8vZ29vZ2xlLjMyNGNyZWF0aXZlLnVzLw&is_vtc=1&cid=CAQSKQB7FLtqQL9pjrubAK0O0ws7Uk6EWPK0LjmfmK8EZGplXodkXrA05Jaq&random=1690224595 Protocol H3 Server 142.251.40.196 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s38-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 01 May 2024 23:23:13 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 01 May 2024 23:23:13 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://www.google.com/pagead/1p-conversion/1026675585/?random=696630133&cv=7&fst=1714605792812&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI_uPhqczthQMVLZJaBR1nVwz0MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Hmh0dHBzOi8vZ29vZ2xlLjMyNGNyZWF0aXZlLnVzLw&is_vtc=1&cid=CAQSKQB7FLtqQL9pjrubAK0O0ws7Uk6EWPK0LjmfmK8EZGplXodkXrA05Jaq&random=1690224595 content-type image/gif cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	spotx_match um.simpli.fi/	0 272 B	60ms 57ms	Image text/plain	35.236.220.17 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/spotx_match Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.236.220.17 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 17.220.236.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Wed, 01 May 2024 23:23:13 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type access-control-allow-methods GET, POST, OPTIONS
GET H2	200	setuid ib.adnxs.com/ Redirect Chain https://um.simpli.fi/an https://ib.adnxs.com/setuid?entity=66&code=CBAED9DDB03D4881AFE5797A27BDB2B8	43 B 1 KB	76ms 75ms	Image image/gif	68.67.160.132 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=66&code=CBAED9DDB03D4881AFE5797A27BDB2B8 Protocol H2 Server 68.67.160.132 Colonia, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 01 May 2024 23:23:13 GMT an-x-request-uuid 95437216-56c0-428e-96fd-79c70b46a2fc server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 38.132.118.75; 38.132.118.75; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers date Wed, 01 May 2024 23:23:13 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://ib.adnxs.com/setuid?entity=66&code=CBAED9DDB03D4881AFE5797A27BDB2B8 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 30 Apr 2024 23:23:13 GMT
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Redirect Chain https://um.simpli.fi/rb_match https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=CBAED9DDB03D4881AFE5797A27BDB2B8&expires=365	42 B 1 KB	206ms 59ms	Image image/gif	8.43.72.98 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=CBAED9DDB03D4881AFE5797A27BDB2B8&expires=365 Protocol HTTP/1.1 Server 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost becaca8a9ded23e47987329048628358 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers date Wed, 01 May 2024 23:23:13 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=CBAED9DDB03D4881AFE5797A27BDB2B8&expires=365 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Tue, 30 Apr 2024 23:23:13 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Redirect Chain https://um.simpli.fi/ox_match https://us-u.openx.net/w/1.0/sd?id=537072966&val=CBAED9DDB03D4881AFE5797A27BDB2B8 https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=CBAED9DDB03D4881AFE5797A27BDB2B8	43 B 180 B	61ms 58ms	Image image/gif	34.98.64.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=CBAED9DDB03D4881AFE5797A27BDB2B8 Protocol H2 Server 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 01 May 2024 23:23:13 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=CBAED9DDB03D4881AFE5797A27BDB2B8 date Wed, 01 May 2024 23:23:13 GMT via 1.1 google server OXGW/0.0.0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 p3p CP="CUR ADM OUR NOR STA NID"
GET H2	204	g_match um.simpli.fi/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc https://um.simpli.fi/g_match?id=&google_gid=CAESEIJKCJqhrXZ0L7RUWaFtl0o&google_cver=1 https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CBAED9DDB03D4881AFE5797A27BDB2B8 https://um.simpli.fi/g_match?id=	0 320 B	55ms 54ms	Image text/plain	35.236.220.17 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/g_match?id= Protocol H2 Server 35.236.220.17 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 17.220.236.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Wed, 01 May 2024 23:23:13 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires Tue, 30 Apr 2024 23:23:13 GMT Redirect headers pragma no-cache date Wed, 01 May 2024 23:23:13 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://um.simpli.fi/g_match?id= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 229 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	favicon-32x32.png google.324creative.us/	2 KB 2 KB	95ms 94ms	Other image/png	173.231.206.255 INMOTION
General Check archive.org Show headers Download Go to Full URL https://google.324creative.us/favicon-32x32.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.231.206.255 , United States, ASN22611 (INMOTION, US), Reverse DNS vps49481.inmotionhosting.com Software nginx/1.25.3 / Resource Hash 86634d0d2a49b7ee7c51848f33266b908797a05a020562965946199d92eebb39 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:14 GMT x-content-type-options nosniff last-modified Mon, 22 Apr 2024 17:43:42 GMT server nginx/1.25.3 content-type image/png accept-ranges bytes content-length 1824 x-proxy-cache HIT
GET H2	200	6c590112-ecfd-43b4-97a3-ba485064a1b9 Show response chatwidget.ruby.com/	850 B 1 KB	282ms 131ms	Script application/json	18.164.116.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://chatwidget.ruby.com/6c590112-ecfd-43b4-97a3-ba485064a1b9 Requested by Host: google.324creative.us URL: https://google.324creative.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.116.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-116-76.jfk50.r.cloudfront.net Software / Resource Hash c7d16a42e97c0f1be64988b9b1cace3b10737df61ca4ab3f5bda048db964e23d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:14 GMT via 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P6 x-amzn-trace-id Root=1-6632cee2-542ca1c459fb37925ae59176;Parent=24db93f9434c2094;Sampled=0;lineage=616d3755:0 x-amzn-requestid d8123efe-ed7d-484a-93d2-081657fd4af8 x-cache Miss from cloudfront content-type application/json x-amz-apigw-id XHVDdGcrCYcEmFw= content-length 850 x-amz-cf-id 8bK6i9MN_cpHb3iBzJvk0-AtvVEVXiW3YEQT-1ZI-MkQXqKHv7BvKw==
GET H2	200	WidgetScript Show response app.purechat.com/VisitorWidget/	12 KB 4 KB	203ms 62ms	Script application/javascript	108.139.29.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.purechat.com/VisitorWidget/WidgetScript Requested by Host: chatwidget.ruby.com URL: https://chatwidget.ruby.com/6c590112-ecfd-43b4-97a3-ba485064a1b9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.29.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-29-41.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash d70317ecfd90a7aa5d068e210de6940a0f1e473275526eae00400b9d141ff41e Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id null content-encoding gzip via 1.1 4a1ea8b67dc2325b2469ed51d3e186ac.cloudfront.net (CloudFront) date Wed, 01 May 2024 23:03:27 GMT last-modified Tue, 02 Jan 2024 22:57:53 GMT server AmazonS3 x-amz-cf-pop JFK50-P2 age 1188 etag W/"3cc943cf82fe16508ced6ee433e4845c" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control public,max-age=14400 x-amz-cf-id 8S9zuE4ti074bTcZEe2ucutyMzK-FyozsSSrlDbOnF-4pogJdoiZfA==
GET H2	200	0615235e-bee6-43dc-b9de-9eb5b894af99 Show response widgetapi.purechat.com/api/visitorwidget/widgetversions/	408 B 722 B	262ms 74ms	XHR application/json	18.188.62.254 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgetapi.purechat.com/api/visitorwidget/widgetversions/0615235e-bee6-43dc-b9de-9eb5b894af99 Requested by Host: app.purechat.com URL: https://app.purechat.com/VisitorWidget/WidgetScript Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.188.62.254 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-188-62-254.us-east-2.compute.amazonaws.com Software Kestrel / Resource Hash b54d3d02f17be84828e4961e438425f9ab0018a17d31b5e3f125d53e8a40ad4f Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:15 GMT server Kestrel vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://google.324creative.us access-control-expose-headers X-Requires-Auth cache-control max-age=60 access-control-allow-credentials true content-length 408
GET H2	200	16 Show response api-cdn.purechat.com/api/visitorwidget/widget/0615235e-bee6-43dc-b9de-9eb5b894af99/	9 KB 3 KB	227ms 62ms	XHR application/json	108.139.47.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-cdn.purechat.com/api/visitorwidget/widget/0615235e-bee6-43dc-b9de-9eb5b894af99/16 Requested by Host: app.purechat.com URL: https://app.purechat.com/VisitorWidget/WidgetScript Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-126.jfk50.r.cloudfront.net Software Kestrel / Resource Hash a57309922e77bf66535617f8f68c94154731a50906b4b2af999bde08122e3fb9 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 22:33:18 GMT content-encoding gzip via 1.1 db615220fdf1b471c82cd306c2f4717a.cloudfront.net (CloudFront) server Kestrel x-amz-cf-pop JFK50-P1 age 2997 vary Accept-Encoding,Origin x-cache Hit from cloudfront content-type application/json; charset=utf-8 access-control-allow-origin https://google.324creative.us access-control-expose-headers X-Requires-Auth cache-control public, max-age=31536000 access-control-allow-credentials true x-amz-cf-id MVschr3UeCiq4Zestq3ZIYF1BNEa_sfEmDqVqmxP8HNolayWBkdZqA==
GET H2	200	version Show response app.purechat.com/	234 B 615 B	61ms 61ms	Script application/javascript	108.139.29.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.purechat.com/version?_=_&callback=_WidgetJPCB_Version Requested by Host: app.purechat.com URL: https://app.purechat.com/VisitorWidget/WidgetScript Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.29.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-29-41.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash 4a600a75a8fd758854ea6877acfe52b061a8171df731e5822d2424d89cc53ad8 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id null date Wed, 01 May 2024 23:18:31 GMT via 1.1 4a1ea8b67dc2325b2469ed51d3e186ac.cloudfront.net (CloudFront) last-modified Tue, 02 Jan 2024 22:58:30 GMT server AmazonS3 x-amz-cf-pop JFK50-P2 age 285 etag "bbe228fb576ddc68ae3e033297975a80" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control public,max-age=900 content-length 234 x-amz-cf-id KeeiwZuZhXwRHBZXceKP5rAl0R9zW7PeTS8HNCC7x0rCZZROgY44Ag==
GET H3	200	embed www.google.com/maps/ Frame 678E	0 0	385ms 267ms	Document text/html	142.251.40.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d53016.51568678661!2d-118.12056284298906!3d33.850171999165795!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xe2456e214094ca16!2sOrthodontist%20of%20Cerritos!5e0!3m2!1sen!2sus!4v1626989362939!5m2!1sen!2sus Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.196 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s38-in-f4.1e100.net Software scaffolding on HTTPServer2 / Resource Hash Security Headers Name Value Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-b2XHSBLJgtsq1bC1SZuw-g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding gzip content-length 1382 content-security-policy object-src 'none';base-uri 'self';script-src 'nonce-b2XHSBLJgtsq1bC1SZuw-g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1 content-type text/html; charset=UTF-8 date Wed, 01 May 2024 23:23:15 GMT expires Fri, 01 Jan 1990 00:00:00 GMT pragma no-cache server scaffolding on HTTPServer2 vary Origin X-Origin Referer x-content-type-options nosniff x-robots-tag noindex,nofollow x-xss-protection 0
GET H2	200	modern_initializer.13851.js Show response prod.purechatcdn.com/assets/	132 KB 26 KB	147ms 60ms	Script application/javascript	2606:4700:3030::6815:455e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prod.purechatcdn.com/assets/modern_initializer.13851.js Requested by Host: app.purechat.com URL: https://app.purechat.com/VisitorWidget/WidgetScript Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash be46e13b2a5048a76047e938a7978bdc5bbcbc116c5e47133d2c0bcc065a7cd3 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:15 GMT x-amz-version-id null via 1.1 9f9095d5ec32b1518f65fa128bcfc836.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop MIA3-P8 age 5539141 content-encoding br x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Tue, 02 Jan 2024 22:55:42 GMT server cloudflare etag W/"98f959e1bfe2e5619eff78f14f5dfaca" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript; charset=utf-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lJF518Oua6jUb8xOuBp7T%2BnDP%2FwqH%2F5mQ1GPyYLDHdswbIm9gZifoR60kWaJN%2BLlBZ0GbjR4bSx2E4prVaumCQwB7P6UUh2xo4%2Fa1VBq6JKiWjKLPg8ObbwjOc7a0uh0cQxKQ%2FNSE7HUKeinQKgOxh68HQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000 vary Accept-Encoding cf-ray 87d384ae69558db2-MIA x-amz-cf-id pxckkVEKnq4RRiMLjVc-_r6EnI_nZJra8XJHdNvAraxN64LGifEu0A==
GET H2	200	modern_app.13851.js Show response prod.purechatcdn.com/assets/ Frame 048A	1 MB 285 KB	57ms 56ms	Script application/javascript	2606:4700:3030::6815:455e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prod.purechatcdn.com/assets/modern_app.13851.js Requested by Host: prod.purechatcdn.com URL: https://prod.purechatcdn.com/assets/modern_initializer.13851.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:455e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2e7aaa407d85296cb4c7d1caee5c05eb28716137145a3688635505465db8618 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:15 GMT x-amz-version-id null via 1.1 f7622d34f14a4da761ccec4819140f94.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop MIA3-P8 age 5549700 content-encoding br x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Tue, 02 Jan 2024 22:55:41 GMT server cloudflare etag W/"8a044e92ca7ff52b1df0172b2bc54c40" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript; charset=utf-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LeUNG4ix9h875pNpFg2M5vJmgUiJQTIenEoKXsp%2B%2BxRL%2FVGXuwBfkc5G0RS2Rn1R5aVtvCcRyYDeugkS7gxvfB8NCMnFIOj%2B8OZP0jwrcLHrAil4UNdv55fW5VtoMHpqVK56PmEvbZmaNrelbfpoUk6QKw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000 vary Accept-Encoding cf-ray 87d384af3a6e8db2-MIA x-amz-cf-id KHaY1K_1xlnixmgBznbuCVQ9NAr_TL5KMHTH7FZ86O0FkXEIgx7DSw==
OPTIONS H2	204	0615235e-bee6-43dc-b9de-9eb5b894af99 api.purechat.com/api/visitorwidget/chatavailable/601887/ Frame	0 0	208ms 70ms	Preflight	18.216.127.89 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.purechat.com/api/visitorwidget/chatavailable/601887/0615235e-bee6-43dc-b9de-9eb5b894af99?externalRequest=false&getAvailableOperators=true Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.216.127.89 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-216-127-89.us-east-2.compute.amazonaws.com Software Kestrel / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://google.324creative.us Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin https://google.324creative.us date Wed, 01 May 2024 23:23:16 GMT server Kestrel
GET H2	200	0615235e-bee6-43dc-b9de-9eb5b894af99 Show response api.purechat.com/api/visitorwidget/chatavailable/601887/ Frame 048A	2 KB 2 KB	75ms 72ms	Fetch application/json	18.188.62.254 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.purechat.com/api/visitorwidget/chatavailable/601887/0615235e-bee6-43dc-b9de-9eb5b894af99?externalRequest=false&getAvailableOperators=true Requested by Host: prod.purechatcdn.com URL: https://prod.purechatcdn.com/assets/modern_app.13851.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.188.62.254 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-188-62-254.us-east-2.compute.amazonaws.com Software Kestrel / Resource Hash 16f506b49ed80ca243b7ba96bd8b7e2d5b88d4cec651803c5170959c4a5792bc Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json Accept application/json Referer https://google.324creative.us/ sec-ch-ua-platform "Win32" Response headers access-control-allow-origin https://google.324creative.us date Wed, 01 May 2024 23:23:16 GMT access-control-expose-headers X-Requires-Auth access-control-allow-credentials true server Kestrel content-length 1949 content-type application/json; charset=utf-8
GET H2	200	43ed621e-5efd-4a83-aca9-7ff3aacbe9b1.png api-cdn.purechat.com/Files/Download/ Frame 048A	4 KB 4 KB	63ms 62ms	Image image/png	108.139.47.126 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://api-cdn.purechat.com/Files/Download/43ed621e-5efd-4a83-aca9-7ff3aacbe9b1.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-126.jfk50.r.cloudfront.net Software Kestrel / Resource Hash 0c4024c96ced4478aae30f7c1399b8ea2bb3e5e9974d2e4a9bacccb935743fe9 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 05 Mar 2024 15:50:47 GMT via 1.1 db615220fdf1b471c82cd306c2f4717a.cloudfront.net (CloudFront) last-modified Thu, 23 Nov 2023 18:44:15 GMT server Kestrel x-amz-cf-pop JFK50-P1 age 5074109 x-cache Hit from cloudfront content-type image/png cache-control public,max-age=30758400 content-disposition attachment; filename=43ed621e-5efd-4a83-aca9-7ff3aacbe9b1; filename*=UTF-8''43ed621e-5efd-4a83-aca9-7ff3aacbe9b1 content-length 3796 x-amz-cf-id uCTv_LPkTXrgpyuZYKabksTWaeEhb32HxusoLUOrovumnQv_6tzGTg==
GET H3	200	email.webp prod.purechatcdn.com/Content/images/StockWidgetImages/clipart/ Frame 048A	12 KB 13 KB	45ms 44ms	Image binary/octet-stream	172.67.206.246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://prod.purechatcdn.com/Content/images/StockWidgetImages/clipart/email.webp Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.206.246 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fc47658d0e665bdea6fcd18b703cd16c2614b3d05ad88287569a41356e4acc2 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:16 GMT x-amz-version-id null via 1.1 0c72e8c84db7dda399af214342d1e968.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop MIA3-P8 age 5544400 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 12432 last-modified Tue, 02 Jan 2024 22:55:29 GMT server cloudflare etag "535c33a79855d27ca9e668c217d23eea" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GzSnthlrQkrO0QbTPt6TglJF1%2BXcNg20u%2FKUr5LxVHCYYBud0DZFrO3SaFtjOopNjPJeWbVjinp2ITo1Jkvphsbgo0XcJThe4lFCUXzgyfOZ9RspVNJ7mL4Qx1eow4mGUHvf8Bd1MA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type binary/octet-stream cache-control public, max-age=31536000 accept-ranges bytes cf-ray 87d384b26a564c02-MIA x-amz-cf-id n261GXU_TJCqvNEozAIroHSRg-uoJVosSoOuZJdHoK7Ri5HWOexfww==
GET H2	200	operator-avatar.png i0.wp.com/app.purechat.com/content/images/avatars/ Frame 048A Redirect Chain https://secure.gravatar.com/avatar/ff1b842b0ec0f02f9734e8811208fc9f?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1	2 KB 0	110ms 110ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1 Protocol H2 Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i1.wp.com Software nginx / Resource Hash d12078e603e3504e936b9758e9bc6323bb91cdb1db3e0fa6dde9d2650837c469 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Wed, 01 May 2024 23:23:16 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 1552 x-nc HIT mia 7 last-modified Thu, 05 Oct 2023 03:54:10 GMT server nginx etag "05710d0691ba7d72" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://app.purechat.com/content/images/avatars/operator-avatar.png>; rel="canonical" expires Sat, 04 Oct 2025 15:54:10 GMT Redirect headers x-nc HIT mia 2 date Wed, 01 May 2024 23:23:16 GMT last-modified Wed, 11 Jan 1984 08:00:00 GMT server nginx content-type text/html; charset=utf-8 location https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1 cache-control max-age=300 link <https://www.gravatar.com/avatar/ff1b842b0ec0f02f9734e8811208fc9f?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png>; rel="canonical" content-length 0 alt-svc h3=":443"; ma=86400 expires Wed, 01 May 2024 23:28:16 GMT
GET H2	200	operator-avatar.png i0.wp.com/app.purechat.com/content/images/avatars/ Frame 048A Redirect Chain https://secure.gravatar.com/avatar/077da51d22303a902560ab7a3c48ef49?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1	2 KB 2 KB	107ms 31ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1 Protocol H2 Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i1.wp.com Software nginx / Resource Hash d12078e603e3504e936b9758e9bc6323bb91cdb1db3e0fa6dde9d2650837c469 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Wed, 01 May 2024 23:23:16 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 1552 x-nc HIT mia 7 last-modified Thu, 05 Oct 2023 03:54:10 GMT server nginx etag "05710d0691ba7d72" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://app.purechat.com/content/images/avatars/operator-avatar.png>; rel="canonical" expires Sat, 04 Oct 2025 15:54:10 GMT Redirect headers x-nc HIT mia 2 date Wed, 01 May 2024 23:23:16 GMT last-modified Wed, 11 Jan 1984 08:00:00 GMT server nginx content-type text/html; charset=utf-8 location https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1 cache-control max-age=300 link <https://gravatar.com/avatar/077da51d22303a902560ab7a3c48ef49?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png>; rel="canonical" content-length 0 alt-svc h3=":443"; ma=86400 expires Wed, 01 May 2024 23:28:16 GMT
GET H2	200	operator-avatar.png i0.wp.com/app.purechat.com/content/images/avatars/ Frame 048A Redirect Chain https://secure.gravatar.com/avatar/3aeca28a9030b81e7faee86b5aad4253?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1	2 KB 0	109ms 109ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1 Protocol H2 Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i1.wp.com Software nginx / Resource Hash d12078e603e3504e936b9758e9bc6323bb91cdb1db3e0fa6dde9d2650837c469 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Wed, 01 May 2024 23:23:16 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 1552 x-nc HIT mia 7 last-modified Thu, 05 Oct 2023 03:54:10 GMT server nginx etag "05710d0691ba7d72" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://app.purechat.com/content/images/avatars/operator-avatar.png>; rel="canonical" expires Sat, 04 Oct 2025 15:54:10 GMT Redirect headers x-nc HIT mia 2 date Wed, 01 May 2024 23:23:16 GMT last-modified Wed, 11 Jan 1984 08:00:00 GMT server nginx x-redirect-by WordPress content-type text/html; charset=utf-8 location https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1 cache-control max-age=300 link <https://gravatar.com/avatar/3aeca28a9030b81e7faee86b5aad4253?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png>; rel="canonical" content-length 0 alt-svc h3=":443"; ma=86400 expires Wed, 01 May 2024 23:28:16 GMT
GET H2	200	operator-avatar.png i0.wp.com/app.purechat.com/content/images/avatars/ Frame 048A Redirect Chain https://secure.gravatar.com/avatar/38761515e2d1db6d0e12c2fa2d4d7d7a?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1	2 KB 0	108ms 108ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1 Protocol H2 Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i1.wp.com Software nginx / Resource Hash d12078e603e3504e936b9758e9bc6323bb91cdb1db3e0fa6dde9d2650837c469 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Wed, 01 May 2024 23:23:16 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 1552 x-nc HIT mia 7 last-modified Thu, 05 Oct 2023 03:54:10 GMT server nginx etag "05710d0691ba7d72" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://app.purechat.com/content/images/avatars/operator-avatar.png>; rel="canonical" expires Sat, 04 Oct 2025 15:54:10 GMT Redirect headers x-nc HIT mia 2 date Wed, 01 May 2024 23:23:16 GMT last-modified Wed, 11 Jan 1984 08:00:00 GMT server nginx content-type text/html; charset=utf-8 location https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1 cache-control max-age=300 link <https://gravatar.com/avatar/38761515e2d1db6d0e12c2fa2d4d7d7a?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png>; rel="canonical" content-length 0 alt-svc h3=":443"; ma=86400 expires Wed, 01 May 2024 23:28:16 GMT
GET H2	200	operator-avatar.png i0.wp.com/app.purechat.com/content/images/avatars/ Frame 048A Redirect Chain https://secure.gravatar.com/avatar/0a621882dac13bdb48bb2091ec66764a?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1	2 KB 0	109ms 109ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1 Protocol H2 Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i1.wp.com Software nginx / Resource Hash d12078e603e3504e936b9758e9bc6323bb91cdb1db3e0fa6dde9d2650837c469 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Wed, 01 May 2024 23:23:16 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 1552 x-nc HIT mia 7 last-modified Thu, 05 Oct 2023 03:54:10 GMT server nginx etag "05710d0691ba7d72" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://app.purechat.com/content/images/avatars/operator-avatar.png>; rel="canonical" expires Sat, 04 Oct 2025 15:54:10 GMT Redirect headers x-nc HIT mia 2 date Wed, 01 May 2024 23:23:16 GMT last-modified Wed, 11 Jan 1984 08:00:00 GMT server nginx content-type text/html; charset=utf-8 location https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1 cache-control max-age=300 link <https://gravatar.com/avatar/0a621882dac13bdb48bb2091ec66764a?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png>; rel="canonical" content-length 0 alt-svc h3=":443"; ma=86400 expires Wed, 01 May 2024 23:28:16 GMT
GET H2	200	operator-avatar.png i0.wp.com/app.purechat.com/content/images/avatars/ Frame 048A Redirect Chain https://secure.gravatar.com/avatar/2072491ead69daa0d0a720d546eb692d?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1	2 KB 0	111ms 111ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1 Protocol H2 Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i1.wp.com Software nginx / Resource Hash d12078e603e3504e936b9758e9bc6323bb91cdb1db3e0fa6dde9d2650837c469 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Wed, 01 May 2024 23:23:16 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 1552 x-nc HIT mia 7 last-modified Thu, 05 Oct 2023 03:54:10 GMT server nginx etag "05710d0691ba7d72" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://app.purechat.com/content/images/avatars/operator-avatar.png>; rel="canonical" expires Sat, 04 Oct 2025 15:54:10 GMT Redirect headers x-nc HIT mia 2 date Wed, 01 May 2024 23:23:16 GMT last-modified Wed, 11 Jan 1984 08:00:00 GMT server nginx content-type text/html; charset=utf-8 location https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1 cache-control max-age=300 link <https://www.gravatar.com/avatar/2072491ead69daa0d0a720d546eb692d?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png>; rel="canonical" content-length 0 alt-svc h3=":443"; ma=86400 expires Wed, 01 May 2024 23:28:16 GMT
GET H2	200	operator-avatar.png i0.wp.com/app.purechat.com/content/images/avatars/ Frame 048A Redirect Chain https://secure.gravatar.com/avatar/980501b0dd8bf3076b66ac80dd0aa713?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1	2 KB 0	55ms 54ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1 Protocol H2 Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i1.wp.com Software nginx / Resource Hash d12078e603e3504e936b9758e9bc6323bb91cdb1db3e0fa6dde9d2650837c469 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Wed, 01 May 2024 23:23:16 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 1552 x-nc HIT mia 7 last-modified Thu, 05 Oct 2023 03:54:10 GMT server nginx etag "05710d0691ba7d72" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://app.purechat.com/content/images/avatars/operator-avatar.png>; rel="canonical" expires Sat, 04 Oct 2025 15:54:10 GMT Redirect headers x-nc HIT mia 2 date Wed, 01 May 2024 23:23:16 GMT last-modified Wed, 11 Jan 1984 08:00:00 GMT server nginx content-type text/html; charset=utf-8 location https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1 cache-control max-age=300 link <https://gravatar.com/avatar/980501b0dd8bf3076b66ac80dd0aa713?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png>; rel="canonical" content-length 0 alt-svc h3=":443"; ma=86400 expires Wed, 01 May 2024 23:28:16 GMT
GET H2	200	operator-avatar.png i0.wp.com/app.purechat.com/content/images/avatars/ Frame 048A Redirect Chain https://secure.gravatar.com/avatar/fd22c15585c352e31a15210f7e774310?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1	2 KB 0	56ms 56ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1 Protocol H2 Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i1.wp.com Software nginx / Resource Hash d12078e603e3504e936b9758e9bc6323bb91cdb1db3e0fa6dde9d2650837c469 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Wed, 01 May 2024 23:23:16 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 1552 x-nc HIT mia 7 last-modified Thu, 05 Oct 2023 03:54:10 GMT server nginx etag "05710d0691ba7d72" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://app.purechat.com/content/images/avatars/operator-avatar.png>; rel="canonical" expires Sat, 04 Oct 2025 15:54:10 GMT Redirect headers x-nc HIT mia 2 date Wed, 01 May 2024 23:23:16 GMT last-modified Wed, 11 Jan 1984 08:00:00 GMT server nginx content-type text/html; charset=utf-8 location https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1 cache-control max-age=300 link <https://gravatar.com/avatar/fd22c15585c352e31a15210f7e774310?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png>; rel="canonical" content-length 0 alt-svc h3=":443"; ma=86400 expires Wed, 01 May 2024 23:28:16 GMT
GET H2	200	operator-avatar.png i0.wp.com/app.purechat.com/content/images/avatars/ Frame 048A Redirect Chain https://secure.gravatar.com/avatar/3b483767e3aea972ad2fa7c50611123d?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1	2 KB 0	55ms 55ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1 Protocol H2 Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i1.wp.com Software nginx / Resource Hash d12078e603e3504e936b9758e9bc6323bb91cdb1db3e0fa6dde9d2650837c469 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Wed, 01 May 2024 23:23:16 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 1552 x-nc HIT mia 7 last-modified Thu, 05 Oct 2023 03:54:10 GMT server nginx etag "05710d0691ba7d72" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://app.purechat.com/content/images/avatars/operator-avatar.png>; rel="canonical" expires Sat, 04 Oct 2025 15:54:10 GMT Redirect headers x-nc HIT mia 2 date Wed, 01 May 2024 23:23:16 GMT last-modified Wed, 11 Jan 1984 08:00:00 GMT server nginx content-type text/html; charset=utf-8 location https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1 cache-control max-age=300 link <https://gravatar.com/avatar/3b483767e3aea972ad2fa7c50611123d?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png>; rel="canonical" content-length 0 alt-svc h3=":443"; ma=86400 expires Wed, 01 May 2024 23:28:16 GMT
GET H2	200	operator-avatar.png i0.wp.com/app.purechat.com/content/images/avatars/ Frame 048A Redirect Chain https://secure.gravatar.com/avatar/970d91a3e3820a7c8d39f202e98f0f3f?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1	2 KB 0	56ms 56ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1 Protocol H2 Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i1.wp.com Software nginx / Resource Hash d12078e603e3504e936b9758e9bc6323bb91cdb1db3e0fa6dde9d2650837c469 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-US,en;q=0.9;q=0.9 Referer https://google.324creative.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Wed, 01 May 2024 23:23:16 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 1552 x-nc HIT mia 7 last-modified Thu, 05 Oct 2023 03:54:10 GMT server nginx etag "05710d0691ba7d72" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://app.purechat.com/content/images/avatars/operator-avatar.png>; rel="canonical" expires Sat, 04 Oct 2025 15:54:10 GMT Redirect headers x-nc HIT mia 2 date Wed, 01 May 2024 23:23:16 GMT last-modified Wed, 11 Jan 1984 08:00:00 GMT server nginx content-type text/html; charset=utf-8 location https://i0.wp.com/app.purechat.com/content/images/avatars/operator-avatar.png?ssl=1 cache-control max-age=300 link <https://gravatar.com/avatar/970d91a3e3820a7c8d39f202e98f0f3f?s=100&d=https%3A%2F%2Fapp.purechat.com%2Fcontent%2Fimages%2Favatars%2Foperator-avatar.png>; rel="canonical" content-length 0 alt-svc h3=":443"; ma=86400 expires Wed, 01 May 2024 23:28:16 GMT
GET H2	200	0f2166cf-fc94-4235-8483-ff7e4c96dbc7.jpg api.purechat.com/Files/Download/ Frame 048A	25 KB 25 KB	136ms 135ms	Image image/jpeg	18.188.62.254 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://api.purechat.com/Files/Download/0f2166cf-fc94-4235-8483-ff7e4c96dbc7.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.188.62.254 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-188-62-254.us-east-2.compute.amazonaws.com Software Kestrel / Resource Hash cc45ca1de52b62dfe437536e3d193383ae246499f2f2bd1402f2dccd163a38e4 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 01 May 2024 23:23:16 GMT last-modified Wed, 10 Apr 2024 15:29:50 GMT server Kestrel age 9497 content-type image/jpeg cache-control public,max-age=30758400 content-disposition attachment; filename=0f2166cf-fc94-4235-8483-ff7e4c96dbc7; filename*=UTF-8''0f2166cf-fc94-4235-8483-ff7e4c96dbc7 content-length 25401
GET H2	200	43ed621e-5efd-4a83-aca9-7ff3aacbe9b1.png api-cdn.purechat.com/Files/Download/ Frame 6047	4 KB 0	63ms 62ms	Image image/png	108.139.47.126 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://api-cdn.purechat.com/Files/Download/43ed621e-5efd-4a83-aca9-7ff3aacbe9b1.png Requested by Host: prod.purechatcdn.com URL: https://prod.purechatcdn.com/assets/modern_app.13851.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-126.jfk50.r.cloudfront.net Software Kestrel / Resource Hash 0c4024c96ced4478aae30f7c1399b8ea2bb3e5e9974d2e4a9bacccb935743fe9 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 05 Mar 2024 15:50:47 GMT via 1.1 db615220fdf1b471c82cd306c2f4717a.cloudfront.net (CloudFront) last-modified Thu, 23 Nov 2023 18:44:15 GMT server Kestrel x-amz-cf-pop JFK50-P1 age 5074109 x-cache Hit from cloudfront content-type image/png cache-control public,max-age=30758400 content-disposition attachment; filename=43ed621e-5efd-4a83-aca9-7ff3aacbe9b1; filename*=UTF-8''43ed621e-5efd-4a83-aca9-7ff3aacbe9b1 content-length 3796 x-amz-cf-id uCTv_LPkTXrgpyuZYKabksTWaeEhb32HxusoLUOrovumnQv_6tzGTg==
POST H2	200	/ Show response checkin.purechat.com/api/checkin/ Frame 048A	115 B 503 B	207ms 74ms	XHR application/json	13.59.117.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://checkin.purechat.com/api/checkin/ Requested by Host: prod.purechatcdn.com URL: https://prod.purechatcdn.com/assets/modern_app.13851.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.59.117.163 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-59-117-163.us-east-2.compute.amazonaws.com Software Kestrel / Resource Hash fe1677d6b537eadf66b6ad115461c0eac391d26fea0fb3e16e4cc9c67d0a6ecc Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://google.324creative.us/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers access-control-allow-origin https://google.324creative.us date Wed, 01 May 2024 23:23:17 GMT access-control-allow-credentials true server Kestrel content-length 115 content-type application/json; charset=utf-8
OPTIONS H2	204	/ checkin.purechat.com/api/checkin/ Frame	0 0	225ms 67ms	Preflight	13.59.117.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://checkin.purechat.com/api/checkin/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.59.117.163 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-59-117-163.us-east-2.compute.amazonaws.com Software Kestrel / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://google.324creative.us Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://google.324creative.us date Wed, 01 May 2024 23:23:16 GMT server Kestrel