urlscan.io logo urlscan.io
SecurityTrails logo

happy-dune-05109f110.4.azurestaticapps.net Open in urlscan Pro
20.22.31.128  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=ms...
Effective URL: https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
Submission: On January 30 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 2 countries across 17 domains to perform 113 HTTP transactions. The main IP is 20.22.31.128, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is happy-dune-05109f110.4.azurestaticapps.net.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 03 on December 20th 2023. Valid for: a year.
This is the only time happy-dune-05109f110.4.azurestaticapps.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

IP Address AS Autonomous System
21 141.193.213.11 209242 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a02:6ea0:c45... 60068 (CDN77 _)
6 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
2 23.22.198.224 14618 (AMAZON-AES)
2 151.101.194.49 54113 (FASTLY)
8 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
4 151.101.66.49 54113 (FASTLY)
2 2620:100:a001... 19750 (AS-CRITEO)
16 20.22.31.128 8075 (MICROSOFT...)
11 2620:100:a001::4 19750 (AS-CRITEO)
2 74.119.119.147 19750 (AS-CRITEO)
2 72.21.81.64 15133 (EDGECAST)
2 2620:100:a001... 19750 (AS-CRITEO)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 104.21.53.38 13335 (CLOUDFLAR...)
113 21
21    141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
buzzstormer.com
1    2607:f8b0:4004:c08::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:3037::6815:5870 (United States)

ASN13335 (CLOUDFLARENET, US)
trkrcom.com
2    2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 _, GB)
plausible.io
6    2607:f8b0:4004:c08::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    23.22.198.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-198-224.compute-1.amazonaws.com
rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
displayf-tm.everesttech.net
8    2607:f8b0:4006:80e::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2607:f8b0:4004:c19::9a (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
statsf-tm.everesttech.net
2    2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)
ads.us.criteo.com
16    20.22.31.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
happy-dune-05109f110.4.azurestaticapps.net
11    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
2    74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)
cat.va.us.criteo.com
2    72.21.81.64 (United States)

ASN15133 (EDGECAST, US)
playtime.tubemogul.com
2    2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)
csm.us.criteo.net
2    2607:f8b0:4004:c07::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2607:f8b0:4004:c06::66 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    104.21.53.38 (None, )

ASN13335 (CLOUDFLARENET, US)
userstatics.com
Apex Domain
Subdomains		 Transfer
21 buzzstormer.com
buzzstormer.com — Cisco Umbrella Rank: 192468
178 KB
16 azurestaticapps.net
happy-dune-05109f110.4.azurestaticapps.net
179 KB
13 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
csm.us.criteo.net — Cisco Umbrella Rank: 3277
117 KB
8 googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
pagead2.googlesyndication.com Failed
39 KB
8 everesttech.net
rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net — Cisco Umbrella Rank: 8706
displayf-tm.everesttech.net — Cisco Umbrella Rank: 7079
statsf-tm.everesttech.net — Cisco Umbrella Rank: 5475
10 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net Failed
65 KB
5 gstatic.com
fonts.gstatic.com
135 KB
4 criteo.com
ads.us.criteo.com — Cisco Umbrella Rank: 3179
cat.va.us.criteo.com — Cisco Umbrella Rank: 3347
42 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
260 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
148 KB
2 tubemogul.com
playtime.tubemogul.com — Cisco Umbrella Rank: 7280
34 KB
2 plausible.io
plausible.io — Cisco Umbrella Rank: 9632
2 KB
2 trkrcom.com
trkrcom.com — Cisco Umbrella Rank: 184255
2 KB
1 userstatics.com
userstatics.com — Cisco Umbrella Rank: 318745
579 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
3 KB
0 flashtalking.com Failed
servedby.flashtalking.com Failed
113 17
Domain Requested by
21 buzzstormer.com buzzstormer.com
16 happy-dune-05109f110.4.azurestaticapps.net trkrcom.com
happy-dune-05109f110.4.azurestaticapps.net
11 static.criteo.net ads.us.criteo.com
8 tpc.googlesyndication.com googleads.g.doubleclick.net
6 googleads.g.doubleclick.net buzzstormer.com
googleads.g.doubleclick.net
5 fonts.gstatic.com fonts.googleapis.com
4 statsf-tm.everesttech.net googleads.g.doubleclick.net
4 www.googletagservices.com googleads.g.doubleclick.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com happy-dune-05109f110.4.azurestaticapps.net
www.googletagmanager.com
2 csm.us.criteo.net ads.us.criteo.com
2 playtime.tubemogul.com displayf-tm.everesttech.net
playtime.tubemogul.com
2 cat.va.us.criteo.com ads.us.criteo.com
2 ads.us.criteo.com googleads.g.doubleclick.net
2 displayf-tm.everesttech.net googleads.g.doubleclick.net
2 rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net googleads.g.doubleclick.net
2 plausible.io buzzstormer.com
plausible.io
2 trkrcom.com buzzstormer.com
trkrcom.com
1 userstatics.com happy-dune-05109f110.4.azurestaticapps.net
1 fonts.googleapis.com buzzstormer.com
0 pagead2.googlesyndication.com Failed www.googletagservices.com
0 cm.g.doubleclick.net Failed googleads.g.doubleclick.net
0 servedby.flashtalking.com Failed buzzstormer.com
113 23

This site contains no links.

Subject Issuer Validity Valid
buzzstormer.com
E1		 2024-01-23 -
2024-04-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
trkrcom.com
GTS CA 1P5		 2024-01-04 -
2024-04-03		 3 months crt.sh
plausible.io
R3		 2024-01-26 -
2024-04-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.tmogul.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2024-06-11		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-12 -
2024-04-12		 3 months crt.sh
*.4.azurestaticapps.net
Microsoft Azure RSA TLS Issuing CA 03		 2023-12-20 -
2024-12-14		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.va.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-25 -
2024-02-22		 3 months crt.sh
*.tubemogul.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-14 -
2024-06-13		 a year crt.sh
*.us.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-27 -
2024-03-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
userstatics.com
E1		 2024-01-29 -
2024-04-28		 3 months crt.sh

This page contains 12 frames:

Primary Page: https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
Frame ID: EF2F80F582BC79A13310542FE7FEBA16
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Frame ID: CD62AA88919A2BD54A43E442C13583B2
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Frame ID: F12FB6E1387E034028E4B08F39DBE5E4
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Frame ID: CE063C7C59F5D4951EC56BDBA237FE10
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Frame ID: 8F9598D0C92F5B5ADADF9173C78CA855
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Zbkl3wAEmhIIaA2VAATFwH8x82ljpQYe5scAfQ&u=%7CISTyji6OVmW%2FOkAgBsilBHe81C5wYISvnopfeabVOss%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlXEk8QJpwBMaAHr5PIs7yZk8wUJV2EU_kmoOD52CGbXAo4Ftii950rm1YObOlQd6ooQDGjWQtMi5SHrVXWGzM_I-D2cEBtHPFLtNz4EypdZe2eJJwdCNk0hC7a0-mfzx_p1GgbRjdtgx_Cump3xI41Ry-hQUhHnubb9RE7gyAnddQwKJBYFK5PSUJYbyUtsUfPml1cNXmJf9JG8UiRJ70LuaII-9fnt3qsJiZ3QAIndA28GUZtsAGBdqRjYJxvafxPZAvvcgBPuhm1Wz8dwktyFtCt54S3HIV_TwFxBHdAw1r5EJPYEyPHI1Hlm9hUyBgg4Y9IOwA3uJ2QS1vN1Fq2QaKR4ckrTmXnHYhV8GTSw8kCgFPNM-yCRXZKnzjVGD7ysD6Gw_GwZMixlfYyDsAcupRWGooDfXG5gl-ZCCuivVq21ECMYWYzU9vJxQVQsGtl_zWy-D5fEU7LTDQ-Ux3ofrkcleEGEtltSW_k0PXJ7gVah4Ewnox_ixQCHngGq--Kl62aEHVuy39YusNh1tj5GbDXbNr7l0pf3IS085GCXQdeVoTEzdkW-l8GDLwIxlmsDKU5KvdtH2Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSYcq3yW5ZZK0EpWboPMPwIuT4A6cge-wXKLKp6p0wI23ARABIABgyYaAgMCkjBCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0DSYElwnJfOBdS6x5U_tJixqLiEyyPe6ZtHTv3efEH6xtesbX_TMoskUjYKSoy5-IIjDdzTehIDACAIh4S8RA7dpGWMmZ7njMcW8yzVY6t5_VMEjJdIJcAgWdjCcquQo1Y9wZkK3jQO3qtDAfwjB2aaRSMqOIKKuyBJ4zWRHLP6ljcruv1xNNzP0rLdUMilRkCLR72Y1LlIcqoeBi9ak2y-qu7f_1VDhpmEuYF7ucZQsKBakLbuEe8wZUQ3w9eH6h2nGXus4VzSLAiWSpbWsw_jm1nIju1Ov9fLdK0WepBwnVoAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WMyCipHGhYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3hXnkPKwZhOORSGQbEYvm5ERWVHQ%26client%3Dca-pub-7820916800218761%26adurl%3D
Frame ID: 5220340EA3FEBDEA77F2CF9FF9E855ED
Requests: 10 HTTP requests in this frame

Frame: https://displayf-tm.everesttech.net/feed/placement.js?id=Xf6e2yqPYRavegdigOp6&site_id=HM0m9MWSkXJ9ZTd6IN2t&rand=-6666329583056499839&tm_auction_id=6OKPmL-NEe6DJMpN7FUD5A.1-1.MB&didtype=UNK&bi=B09sWklQ5N4zidZhenyRmuFMTlIH_ksaVnVz6mx_hxnMcjaJdWSBxu6fY0B1KsloPZmeP-WGpTv8-om-tOuYc1siI3awrHwnh4NQTwthOvYX4aY6o9uvfYdZXQitM4r7HmSHeVvfMEEm6PCY92CvbYhrM8ZnV-ICooege5-LADXstIYHY9SB_9R5tgrbnXLtvmWRL75trRElH4Qw3-UJxaisXMgp9LMDHl8gJ8iYw4p3-4&page_url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&seller_id=pub-7820916800218761&tm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.224+Safari%2F537.36&q=H4sIAAAAAAAAAGVSO2zTUBSt7SZpIyRKFASKQDIVEk2FHX_iZ7sdStL8aOo4qpOm7ebEL8lTnNi1nU8ZKybGCpawgMQEiIFOdGFholtZECNICDFVXZDKAKEpEhJ3uMPVPecenXOnGxXu8Mfj7qvLb4r3r0Xe-YLz3o4N6YZlNUyo28ila1Y7VkWGAR06YWjQ6UFnDW53oeuFHvmufpicDW_UAeR2touba3oPNgzUUG0w9_DwKcaFBSQqWzt2Zx1lUwrKsOsVoS-9_PrlxcVkuF5LZRvNuiV2lVpXarc2cgN3D_MU6x4yTT0m0Aw5V0Edw-q7ZKFEsgzNLJKjAYgvkgMQj5IJ2zZhBVbzyIsJvEjzgJzL50rK6m3SRC1IZmGtZUXJ5aZjtWGM5UYENGBkmea4OKnpdd1B57ghRnIMV9cFhpWqApB5GBdluQ5lIEtQFvU4EA6w60DNF9urVCENQWpFsQtippwSEjRLsbSSfI8R5UL-CAt0O62O1e98wgL9sfjvGDv1dngzFM4pTFtWKlprY0XeKhngboHzIkHTMvuW98dmEpcnzup46QQL290qJUocI7NAYhiOlUTAnmLhKhvvMuxaOq72tEqyojeam9oufgl6TcuVeJ6yHcugejrYw2ccr0qNk6PqyHG95_ikizz4Gp8abUOnA70TPBr8Hxryj1GzF3iaobRCoqjl1NIpHgj64MA2vV1iKegff8jMcD8YIcpaavZPi_6Vv0Cgtp28khkZnx54o1O6WXRQDWbPQMXpB8TEkDinOCBuBfGyFsIzqxFC4KR5H8-PYuAC2bS6rKbSC_6sqmZX03ewI8LP8wLH8p-Jf1z7RjzBjomPk6dEwIBuy7PsG-s_Ne3Zr333N_3SaMreAgAA&click_url=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQdQv3yW5ZcezEuTJoPMPp6KPsAu835z0XK6C25dSwI23ARABIABgyebQi8Sk_A-CARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE5AFP0AUVyzD88jXpEg66c5oDw8eCt6GbnkScnGULKOgS57jM4uCJgEQI5wUFIPqHo_9ZQ7LuvR5cGegNH1ABsYIwadAivrvpeT-kVDWBTVSTxSfFqQXYqbz6uUCozgV9uyl_NZvwWfRnp6TEgSA0hRTEscoIOFRLyV-oK9Hx_XLTSHwwK_i8YgeFLnV7dNyWunRNaNqfZXkom35cBkJZkFT5o-cgTfoeeODLBjK8gW1Tu2Bbi-sQXrpuBHK24QGHMPy7AMhZP5bCSErzik7tWDoz7Ou6Hv8_k4IzuoxcHXS2QTwuLoiABpHx6tad-szFwQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY2f2JkcaFhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3PsY5QIMY_DToWcTcLzG9AyqtjDA%26client%3Dca-pub-7820916800218761%26adurl%3D&tm_os_group=windows&tm_device_group=unknown
Frame ID: 8E6B54701085F5BB50A69664992CDA54
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Zbkl3wAEm3EIaCWKAA_WtWQnDy7U6gc7PYVlZg&u=%7CISTyji6OVmW9pzoQEg1k9AfPmw9Y9PQjQ%2Bmn21gPZ2g%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlXEk8QJpwBMaC1BcwIaX16mKCGYi6kWoJrNQqOZILwIv8FHLCimXkwSb2P-jEltw7wK3qPyr60UuTkoT7Rsu7S2ruKFNEW4g1Yb585LkRbVh21I58oc-XkvjMk1wisMlXhAkvrlXg6Z920PnEC06H4zFHbOXS8PNAyKkhexHDnnIUV0VttKMMB6E_sm8C2wSxO273Zqu391kayTG18ymSWVzcMlVSpA-HdpDfAA5S3e70j8B0mfCHLnCCMCuAlrVnpU45WuCm-qiQJe5nmXLqY-_ygPDghAZavcY6-CiVw8f0SaIOjV9d1FgaEzAr43eOaQx-xpvnb0HAgaVlcMB57ljAhe5XWR2OIH0xoDM4qxH-PToezHxX9ZCl34GqXjF0tXKpRkPMwuRzm8xB6EwnVA4yD4Krlh6N8i2w_72jgvZCDFgb_-jLjRUjTOnr25LYgbEwdVVe51pUlDMEO8-OuobbJKPtWRU148_IgyrRubvY4R0T2UY53JdZthv-R1cNaAi3iwM4XuI3VaIPbjqpUQoWufmdriymDCoAUxoXQjEH4G2_58diGA4YoWyuNpBQF9AWnwGxIE5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv4Og3yW5ZfG2EorLoPMPta2_sAmcge-wXKLKp6p0wI23ARABIABgyebQi8Sk_A-CARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0AhykRgDDeIdK1oIYNP3P9foR5zwI6ajP2hF-FXP0IkxyILb1wHqZhHZQB0XwX5YFfoHUutccoIe9WESUS0nf5LhdiCZVHckZyfdWv16ICFqYdPIn-bzxjnOJKtbkp8LEdiwrY7Yps-gF6cNN7bzqXiNJbBA-LUq1zl_TLV_NFlowIxQfuva2TC5yqJx1QXrhQCWy8IEVcDo79FzrGs1Z98GFyDYlAaNx3ogE555gucrFw-yAEV6elr1SMMSkWn1ICjgixu9zzgIH_6yEoZV5PNmypKfNqVjYYyE02ouVwxrtYAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJiAipHGhYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09aXAXgu1gmXEI87WXSarM_j-Zww%26client%3Dca-pub-7820916800218761%26adurl%3D
Frame ID: D39442115DFA80380ECA176D4E2668F7
Requests: 10 HTTP requests in this frame

Frame: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20231031.js?auction_id=6OKPmL-NEe6DJMpN7FUD5A.1-1.MB
Frame ID: 7EB8961BBE888E1346AE8AA7FA7AC260
Requests: 5 HTTP requests in this frame

Frame: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20231031.js?auction_id=6OMsDr-NEe6ghYLxPwNrew.1-1.MB
Frame ID: 8782CFA566E4B40B441EE5A4C281A5ED
Requests: 5 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/imp/8/227887;8013078;201;js;AdobeAdCloud;FPLHomeFPLES11258Surge160x600/?ftx=&fty=&ftadz=&ftscw=&AdobeAMO=ef_id%3D%3A20240130113751%3Ad%26s_kwcid%3DAC!fcDGghfo7uMcu8mkXHxs!5i7MZypnViGDMiF1VW5w&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=about%3Ablank&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=6OKPmL-NEe6DJMpN7FUD5A.1-1.MB&cachebuster=291234.4678941685
Frame ID: 615F26DC6786DF582292AEC551B3C2D4
Requests: 1 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/imp/8/227887;8013078;201;js;AdobeAdCloud;FPLHomeFPLES11258Surge160x600/?ftx=&fty=&ftadz=&ftscw=&AdobeAMO=ef_id%3D%3A20240130113751%3Ad%26s_kwcid%3DAC!fcDGghfo7uMcu8mkXHxs!5i7MZypnViGDMiF1VW5w&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=about%3Ablank&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=6OMsDr-NEe6ghYLxPwNrew.1-1.MB&cachebuster=796173.3203769996
Frame ID: 927694707788DD7691CCF2EB35914D95
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Security Require Action

Page URL History Show full URLs

  1. https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buz... Page URL
  2. https://happy-dune-05109f110.4.azurestaticapps.net/?bcda=+1-888-682-5032 Page URL
  3. https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

113
Requests

87 %
HTTPS

60 %
IPv6

17
Domains

23
Subdomains

21
IPs

2
Countries

1236 kB
Transfer

3339 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp Page URL
  2. https://happy-dune-05109f110.4.azurestaticapps.net/?bcda=+1-888-682-5032 Page URL
  3. https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83
  • https://rtd-tm.everesttech.net/upi/?sid=AclwKyoEoOYVu9le9U85&cs=1 HTTP 302
  • https://rtd-tm.everesttech.net/ct/upi/?sid=AclwKyoEoOYVu9le9U85&cs=1&_test=Zbkl4AACeUwbaQBI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WmJrbDRBQUNlVXdiYVFCSQ
Request Chain 87
  • https://rtd-tm.everesttech.net/upi/?sid=AclwKyoEoOYVu9le9U85&cs=1 HTTP 302
  • https://rtd-tm.everesttech.net/ct/upi/?sid=AclwKyoEoOYVu9le9U85&cs=1&_test=Zbkl4AAANI24pwBJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WmJrbDRBQUNlVXdiYVFCSQ

113 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
buzzstormer.com/celebrities-who-look-identical-to-each-other/2/ 		56 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
377f1891bbb96018760255b8346fbbdf1d59f39a4741f6a35ebaf2909c54b45e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-edge-cache
cache,platform=wordpress
cf-ray
84db244f5d826db3-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 30 Jan 2024 16:37:50 GMT
link
<https://buzzstormer.com/wp-json/>; rel="https://api.w.org/" <https://buzzstormer.com/wp-json/wp/v2/posts/16857>; rel="alternate"; type="application/json" <https://buzzstormer.com/?p=16857>; rel=shortlink
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding
x-pass-why
custom-args
x-pingback
https://buzzstormer.com/xmlrpc.php
x-powered-by
WP Engine
style.min.css
buzzstormer.com/wp-includes/css/dist/block-library/ 		107 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buzzstormer.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 05 Nov 2023 19:40:32 GMT
server
cloudflare
age
95826
etag
W/"6547efb0-1add3"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84db245178aa6db3-MIA
alt-svc
h3=":443"; ma=86400
styles.css
buzzstormer.com/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buzzstormer.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 25 Nov 2023 14:23:29 GMT
server
cloudflare
age
129341
etag
W/"65620361-b4e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84db245178ac6db3-MIA
alt-svc
h3=":443"; ma=86400
style.css
buzzstormer.com/wp-content/themes/click-mag/ 		82 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buzzstormer.com/wp-content/themes/click-mag/style.css?ver=6.4.2
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7d8ba3f70422ccb7ae935a2eec8300a0d50eae89c28d6f8f8b607947e592725

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 25 Nov 2023 14:05:39 GMT
server
cloudflare
age
129341
etag
W/"6561ff33-14931"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84db245178ad6db3-MIA
alt-svc
h3=":443"; ma=86400
reset.css
buzzstormer.com/wp-content/themes/click-mag/css/ 		1 KB
733 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buzzstormer.com/wp-content/themes/click-mag/css/reset.css?ver=6.4.2
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f719d34d3d7420ad540758d502a29633213bceaa985ea2df545aa60dc7e8758

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Sep 2023 13:03:36 GMT
server
cloudflare
age
129341
etag
W/"65142828-434"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84db245178ae6db3-MIA
alt-svc
h3=":443"; ma=86400
all.css
buzzstormer.com/wp-content/themes/click-mag/font-awesome/css/ 		72 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buzzstormer.com/wp-content/themes/click-mag/font-awesome/css/all.css?ver=6.4.2
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cb8cc3fee4275e182236ab19c3aae55274f43aa0ffde9c0510d8d59fcf8e5dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Sep 2023 13:03:36 GMT
server
cloudflare
age
129341
etag
W/"65142828-11f69"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84db245178af6db3-MIA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		51 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700%7CMerriweather%3A300%2C400%2C700%2C900%7CQuicksand%3A400%7CLato%3A300%2C400%2C700%7CPassion+One%3A400%2C700%7CWork+Sans%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A400%2C700%2C800%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMerriweather%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese&ver=1.0.0
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
118af57643cc8ecfaf7f820f7f756161011a073838541e3555da84aeb6357070
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Jan 2024 16:37:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 16:32:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Jan 2024 16:37:51 GMT
media-queries.css
buzzstormer.com/wp-content/themes/click-mag/css/ 		48 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buzzstormer.com/wp-content/themes/click-mag/css/media-queries.css?ver=6.4.2
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4acc7ff03019c152c16ddbbe3e5fc6e351fbbebbdc5824d7f898f33846caf066

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Sep 2023 13:03:36 GMT
server
cloudflare
age
129341
etag
W/"65142828-c164"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84db245178b26db3-MIA
alt-svc
h3=":443"; ma=86400
style.css
buzzstormer.com/wp-content/themes/click-mag-child/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buzzstormer.com/wp-content/themes/click-mag-child/style.css?ver=2
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
01a6d44f7420fa491c7af252f08b57de4ac1c9cdae68032fcec67c304719e604

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Dec 2023 12:50:08 GMT
server
cloudflare
age
129341
etag
W/"65770580-3beb"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84db245178b46db3-MIA
alt-svc
h3=":443"; ma=86400
jquery.min.js
buzzstormer.com/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buzzstormer.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
server
cloudflare
age
129341
etag
W/"64ecd5ef-15601"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84db245178b56db3-MIA
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
buzzstormer.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buzzstormer.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
cloudflare
age
129341
etag
W/"6482bd64-3509"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84db245178b76db3-MIA
alt-svc
h3=":443"; ma=86400
logo-nav.png
buzzstormer.com/wp-content/uploads/2023/09/ 		808 B
994 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buzzstormer.com/wp-content/uploads/2023/09/logo-nav.png
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
14376c90b1f807adf65110e16fccb21e57f814a8ba20ef658841aade579a3c45

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:50 GMT
cf-cache-status
HIT
age
95825
cf-polished
origFmt=png, origSize=1863
content-disposition
inline; filename="logo-nav.webp"
alt-svc
h3=":443"; ma=86400
content-length
808
cf-bgj
imgq:100,h2pri
last-modified
Thu, 28 Sep 2023 04:50:13 GMT
server
cloudflare
etag
"65150605-747"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84db2451a8ec6db3-MIA
1.-Amy-Adams-Isla-Fisher.webp
buzzstormer.com/wp-content/uploads/2023/11/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buzzstormer.com/wp-content/uploads/2023/11/1.-Amy-Adams-Isla-Fisher.webp
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
61ab4037eaa4e4aef207e48b3483b04e172b6cd1e26a2681785950e534dc47be

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:50 GMT
cf-cache-status
HIT
last-modified
Sun, 26 Nov 2023 10:36:00 GMT
server
cloudflare
age
95312
etag
"65631f90-4914"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84db245178b96db3-MIA
alt-svc
h3=":443"; ma=86400
content-length
18708
13b393ebb3f57900157d2d9b2fbbfc0a69f2e918.js
trkrcom.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trkrcom.com/js/13b393ebb3f57900157d2d9b2fbbfc0a69f2e918.js
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5870 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3845834c60090d92c7cb03b8c14504e12b40b5aec08255c9cbc2db5dc1e5a135

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 30 Jan 2024 15:58:31 GMT
server
cloudflare
age
1495
cf-polished
origSize=1886
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9M%2BJ2%2BnFbrick1GnZ8v%2BOx4SN0nVXp2k1QfsdOPYBBoNPNFNI5wrzW%2F%2FaR8onCn4pKHLox2aMtOOQjbS37recZLD6HNtrdr6T%2FKn7KMjGHdFj%2FgLB%2FYEab2bhEeMhpZbbSVoBIAngoS9bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84db24520e7467b1-MIA
alt-svc
h3=":443"; ma=86400
script.js
plausible.io/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plausible.io/js/script.js
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
885
cdn-cachedat
01/30/2024 12:30:42
cdn-pullzone
682664
cross-origin-resource-policy
cross-origin
application
10.0.0.3
alt-svc
h3=":443"; ma=2592000
server
BunnyCDN-NY1-885
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
public, must-revalidate, max-age=86400
permissions-policy
interest-cohort=()
cdn-requestid
12483e3dc023fcf2f1cd6c737b36ba78
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
index.js
buzzstormer.com/wp-content/plugins/contact-form-7/includes/swv/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buzzstormer.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 25 Nov 2023 14:23:29 GMT
server
cloudflare
age
95798
etag
W/"65620361-2b6d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84db2451fd49747b-MIA
alt-svc
h3=":443"; ma=86400
index.js
buzzstormer.com/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buzzstormer.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 25 Nov 2023 14:23:29 GMT
server
cloudflare
age
836915
etag
W/"65620361-337e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84db24524dbe747b-MIA
alt-svc
h3=":443"; ma=86400
scripts.js
buzzstormer.com/wp-content/themes/click-mag/js/ 		107 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buzzstormer.com/wp-content/themes/click-mag/js/scripts.js?ver=6.4.2
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
31e4b090f72d822ea70575a337f5c08c1d079223cd0e583803bf2447973b9719

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Sep 2023 13:03:36 GMT
server
cloudflare
age
9369
etag
W/"65142828-1aced"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84db24525dd7747b-MIA
alt-svc
h3=":443"; ma=86400
retina.js
buzzstormer.com/wp-content/themes/click-mag/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buzzstormer.com/wp-content/themes/click-mag/js/retina.js?ver=6.4.2
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Sep 2023 13:03:36 GMT
server
cloudflare
age
1132652
etag
W/"65142828-c20"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84db24529e47747b-MIA
alt-svc
h3=":443"; ma=86400
mvpcustom.js
buzzstormer.com/wp-content/themes/click-mag/js/ 		0
158 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buzzstormer.com/wp-content/themes/click-mag/js/mvpcustom.js?ver=6.4.2
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
cf-cache-status
HIT
last-modified
Wed, 27 Sep 2023 13:03:36 GMT
server
cloudflare
age
95798
etag
"65142828-0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84db2452be74747b-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
flexslider.js
buzzstormer.com/wp-content/themes/click-mag/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buzzstormer.com/wp-content/themes/click-mag/js/flexslider.js?ver=6.4.2
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
71e84f4b3a46857e0ee497d4890e8a90ba4889e3c72d3c39a1ea7f78c1f8065b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Sep 2023 13:03:36 GMT
server
cloudflare
age
95798
etag
W/"65142828-5616"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84db2452be76747b-MIA
alt-svc
h3=":443"; ma=86400
jquery.infinitescroll.min.js
buzzstormer.com/wp-content/themes/click-mag/js/ 		21 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buzzstormer.com/wp-content/themes/click-mag/js/jquery.infinitescroll.min.js?ver=6.4.2
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
002d4e61d6efae0d93d62d4c12576e427302f32361e675aaffa3691ecd9ae17d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Sep 2023 13:03:36 GMT
server
cloudflare
age
1132652
etag
W/"65142828-54c9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84db2452be77747b-MIA
alt-svc
h3=":443"; ma=86400
comment-reply.min.js
buzzstormer.com/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buzzstormer.com/wp-includes/js/comment-reply.min.js?ver=6.4.2
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
server
cloudflare
age
836915
etag
W/"625095f6-ba5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84db2452be79747b-MIA
alt-svc
h3=":443"; ma=86400
lazyload.min.js
buzzstormer.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buzzstormer.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 25 Nov 2023 14:24:07 GMT
server
cloudflare
age
95798
etag
W/"65620387-22bc"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84db2452be7a747b-MIA
alt-svc
h3=":443"; ma=86400
ads
googleads.g.doubleclick.net/pagead/ Frame CD62 		43 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98547c580a376d561d0ad0752b2ed18f2f10a88accfe19135420f10c8988f188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buzzstormer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
16874
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 16:37:51 GMT
expires
Tue, 30 Jan 2024 16:37:51 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F12F 		36 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b92f322d2b2f93fb954c566c27845daa1608485d8f37bed817217f9cc278d2f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buzzstormer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
14910
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 16:37:51 GMT
expires
Tue, 30 Jan 2024 16:37:51 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CE06 		36 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
203846a817f7155e6db77ff4bdca3665e0adbe529c038a6dc74ec4c08546fa59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buzzstormer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
14908
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 16:37:51 GMT
expires
Tue, 30 Jan 2024 16:37:51 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8F95 		53 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Requested by
Host: buzzstormer.com
URL: https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bab9afc3ca39147f33ff6c831d05440d080b957f884a2e1df05fcbdb93382760
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buzzstormer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
17915
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 16:37:51 GMT
expires
Tue, 30 Jan 2024 16:37:51 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700%7CMerriweather%3A300%2C400%2C700%2C900%7CQuicksand%3A400%7CLato%3A300%2C400%2C700%7CPassion+One%3A400%2C700%7CWork+Sans%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A400%2C700%2C800%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMerriweather%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buzzstormer.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 13:23:03 GMT
x-content-type-options
nosniff
age
184488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50668
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:13:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Jan 2025 13:23:03 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700%7CMerriweather%3A300%2C400%2C700%2C900%7CQuicksand%3A400%7CLato%3A300%2C400%2C700%7CPassion+One%3A400%2C700%7CWork+Sans%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A400%2C700%2C800%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMerriweather%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buzzstormer.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 11:52:11 GMT
x-content-type-options
nosniff
age
189940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Jan 2025 11:52:11 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700%7CMerriweather%3A300%2C400%2C700%2C900%7CQuicksand%3A400%7CLato%3A300%2C400%2C700%7CPassion+One%3A400%2C700%7CWork+Sans%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A400%2C700%2C800%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMerriweather%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buzzstormer.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 05:21:49 GMT
x-content-type-options
nosniff
age
126962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 05:21:49 GMT
u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700%7CMerriweather%3A300%2C400%2C700%2C900%7CQuicksand%3A400%7CLato%3A300%2C400%2C700%7CPassion+One%3A400%2C700%7CWork+Sans%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A400%2C700%2C800%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMerriweather%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buzzstormer.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:41:52 GMT
x-content-type-options
nosniff
age
316559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19752
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:46:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Jan 2025 00:41:52 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700%7CMerriweather%3A300%2C400%2C700%2C900%7CQuicksand%3A400%7CLato%3A300%2C400%2C700%7CPassion+One%3A400%2C700%7CWork+Sans%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A400%2C700%2C800%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMerriweather%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buzzstormer.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 04:32:28 GMT
x-content-type-options
nosniff
age
302723
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Jan 2025 04:32:28 GMT
13b393ebb3f57900157d2d9b2fbbfc0a69f2e918
trkrcom.com/api/ 		89 B
597 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trkrcom.com/api/13b393ebb3f57900157d2d9b2fbbfc0a69f2e918?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
Requested by
Host: trkrcom.com
URL: https://trkrcom.com/js/13b393ebb3f57900157d2d9b2fbbfc0a69f2e918.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5870 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://buzzstormer.com/celebrities-who-look-identical-to-each-other/2/?utm_source=mg&utm_medium=buzzstormer&utm_term=msn.com&utm_campaign=2%20Celebrities%20w%2F%20Resemblance%20US-D&cost=0.090000&cc4d76fdaf5=4267&a0v5la7bquf89=77cdbc248ac670e103d7690efe33eea9&uy3ubftvh0u6o8=06cdfd3bdbc66965625ce29867b1f740&cusduxj27i=2260414&xnfrr0ncac=23912&zsmoi87pih9=trace.mediago.io&lzzgnp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PG8H%2B3LgbW0I4YWmcFyc8mPx6exZ98aItZ5vv5B10FXMh2Cffh%2F0HXC5HPYZP82BdrYbdLMRHajJ%2FtI%2B%2Fld%2BQTE5%2BEuUGMe0detVd3NFayEbiCILqbUDFdWtbFUj1mRLzEplkq4NPEb7tA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
84db245368038dca-MIA
alt-svc
h3=":443"; ma=86400
event
plausible.io/api/ 		2 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://plausible.io/api/event
Requested by
Host: plausible.io
URL: https://plausible.io/js/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://buzzstormer.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
cdn-edgestorageid
885
cdn-cachedat
01/30/2024 16:37:51
cdn-pullzone
682664
application
10.0.1.2
alt-svc
h3=":443"; ma=2592000
content-length
2
x-request-id
F68tX2sQ89XBJNweQYCH
server
BunnyCDN-NY1-885
cdn-proxyver
1.04
cdn-requestpullcode
202
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
must-revalidate, max-age=0, private
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
cdn-requestid
5e66e7f9904d0203d3c8b1ef74a059da
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
e.png
rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net/rtb/ Frame CD62 		85 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net/rtb/e.png?e=win&aid=6OMsDr-NEe6ghYLxPwNrew.1-1.MB&cp=2647444&slot=1&x_price=Zbkl3wAEl8cIaBq_AAnCwUib_fllywj63u3Faw&ets=1706632671361&tz=America%2FNew_York&source=google&country=US&region=FL&mc=48&ap=0&ut=0&vis=UNKNOWN&site=HM0m9MWSkXJ9ZTd6IN2t&bp=170394&curr=USD&exr=1.0&fid=Xf6e2yqPYRavegdigOp6&c=4118344492&ccurr=USD&cuxr=1.0&a=461650&ca=727690&st=DISPLAY&sh=600&sw=160&rid=4188&mp=9&psk=HM0m9MWSkXJ9ZTd6IN2t&cfc=0&cfci=0&dur=-1&cityid=-1&metroid=122&countryid=232&postalid=14503&didtype=UNK&duration=180&v=1&auth=C6EcT3VqdPAtjialik1J-_DeSHM&x_r=Wc6lbQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.22.198.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-198-224.compute-1.amazonaws.com
Software
adobe /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 16:37:51 GMT
x-pt
P=200 0=0
server
adobe
content-type
image/png
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
placement.js
displayf-tm.everesttech.net/feed/ Frame CD62 		22 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://displayf-tm.everesttech.net/feed/placement.js?id=Xf6e2yqPYRavegdigOp6&site_id=HM0m9MWSkXJ9ZTd6IN2t&rand=5945412734148800662&tm_auction_id=6OMsDr-NEe6ghYLxPwNrew.1-1.MB&didtype=UNK&bi=B09SqE86xuZGU3K7AYylJ1Sgon-pr_kmBSlNxlJ0WapB2baJdWSBxu6fY0B1KsloPZmeP-WGpTv8-om-tOuYc1siI3awrHwnh4NQTwthOvYX4aY6o9uvfYdZXQitM4r7HmSHeVvfMEEm6PCY92CvbYhrM8ZnV-ICooege5-LADXstIYHY9SB_9R5tgrbnXLtvmWRL75trRElH4Qw3-UJxaisXMgp9LMDHl8gJ8iYw4p3-4&page_url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&seller_id=pub-7820916800218761&tm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.224+Safari%2F537.36&q=H4sIAAAAAAAAAGVSPWzTYBCt7SZpIyRKFAREQjIVEk2FHf_EX-x2KE2TJtA4juK0acvkxF-cT3Fi13bilLETYqzKEhZYgQm2LixMMCC1C-oIEkKwVB0zkTZFQuKGG0733j29d9OxA_vWU2Pl-HrPLA9iHwPheW_XhrRhWYYJNRu5dN1qJ2pI16FDL-sqdHrQKcOdLnS9yPPAzePJ2ehmA0Bud6e0VdZ60NCRodhg7uDzK4yLCiglb-_anQ2Uy8hold2oCr749sf3N1fT0UY9kzOaDSvVletdsd3azPfdfcyTrSfINLWEQDPkXBV1dMt3yWKFZBmaWSRHA5BcJPsgGSeXbduEVVhbQ15C4FM0D8i5tXxFLtwnTdSCZA7WW1acXGk6VhsmWG5EQANGkmiOS5Kq1tAcdIkbYCTHcA1NYFixJgCJh8mUJDWgBCQRSiktCYRD7DZQZDfjUMUsBEZzq9Av-UUH-jRLsbSc_oQR68W1IyzU7bQ6lt85wUL-WPwvjJ36MLgbieZlpi3JVbW1-UjarujgYZHzYmHTMn3LO7eZxKWJizpdOsOidrdGpUSOkVggMgzHiinADrFojU12GbacTSo9tZquaiMl6h5-DXpNyxV5nrIdS6d6GtjHZxyvRo2ToxrIcb3X-KSLPPgOnxptQ6cDvTM8Hv4fGgmOUbNXeJqh1OJySc0rlSEeCgdg3za9PWIpHBx_yMzgfThGrKuZ2fMW_yt_gUBtO31jdWR8tu-NTmlmyUF1mLsAlaafERMD4pLikLgXxtfVCL5aiBECJ84HeH4UAxfKZZUVJZNdCOYUJVfIPsCOiCDPCxzLfyP-ce0n8RI7Jb5ODomQDt2WZ9l3xJPHvw9ffCn9ATkmmGjeAgAA&click_url=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPXOx3yW5ZcevEr-1oPMPwYWnyA2835z0XK6C25dSwI23ARABIABgyebQi8Sk_A-CARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE5AFP0HdE4kTzioOb8j8_byj1_aj6q2dVR8zGCeBBM3iKVtg_Grh8wmZA0nVVrRkyGx8-6V4-BX0it4Va225SaWt_Kvyr1G1zrG7TBX5ncFwkZSN8Tb6GBzVSb9luYesOiTYfxndOO8I2ky1Bv-gzP2sgZoDNy1s5_i2HNAibFScen29tN1s-YUreaX-VYwGXJaB2kljxXjQz6NOtvh00n34Aq57W-fqX8GBVs_YeD97pzlf5N486L-_NaRYx6-u4sgJHZ7keWzF9LrD8PRhqU6fSwzs3e3CIFoFxu-6PWRA4f2s5TOyABpHx6tad-szFwQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYp_-JkcaFhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0-cL7NJCUm_3jgKbSZgUMj7aRiaw%26client%3Dca-pub-7820916800218761%26adurl%3D&tm_os_group=windows&tm_device_group=unknown
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
adobe /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 30 Jan 2024 16:37:51 GMT
content-encoding
gzip
via
1.1 varnish
x-pt
P=2265 0=0
x-cache
MISS
x-region
US-East
x-served-by
cache-mia-kmia1760032-MIA
server
adobe
x-timer
S1706632672.703030,VS0,VE30
x-failover
none
vary
Accept-Encoding, User-Agent
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame CD62 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 06:16:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
37299
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 06:16:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame CD62 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 06:16:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
37299
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 06:16:12 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame CD62 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 16:37:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame F12F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 06:16:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
37299
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 06:16:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame F12F 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 06:16:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
37299
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 06:16:12 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F12F 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 16:37:51 GMT
imp
statsf-tm.everesttech.net/stats/1/ Frame CD62 		85 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/imp?sessId=6OMsDr-NEe6ghYLxPwNrew.1-1.MB&cpKey=5i7MZypnViGDMiF1VW5w&mpKey=Xf6e2yqPYRavegdigOp6&adKey=fcDGghfo7uMcu8mkXHxs&psId=HM0m9MWSkXJ9ZTd6IN2t&burl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7820916800218761%26output%3Dhtml%26h%3D600%26adk%3D3209154675%26adf%3D4043039345%26pi%3Dt.aa~a.4236442960~rp.1%26w%3D160%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1681580591%26rafmt%3D1%26to%3Dqs%26pwprc%3D3548874890%26format%3D160x600%26url%3Dhttps%253A%252F%252Flolwot.com%252F10-easy-methods-to-make-extra-cash%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26adsid%3DChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE%26uach%3DWyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd%26dt%3D1681580591901%26bpp%3D2%26bdt%3D1456%26idt%3D-M%26shv%3Dr20230412%26mjsv%3Dm202304110101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Df317d07e87cadccd-22695f1c2cdf0037%253AT%253D1681580591%253ART%253D1681580591%253AS%253DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw%26gpic%3DUID%253D00000bf4db70eedd%253AT%253D1681580591%253ART%253D1681580591%253AS%253DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D1724404121286%26frm%3D20%26pv%3D1%26ga_vid%3D351234906.1681580587%26ga_sid%3D1681580591%26ga_hid%3D1124025909%26ga_fc%3D1%26u_tz%3D330%26u_his%3D1%26u_h%3D864%26u_w%3D1536%26u_ah%3D824%26u_aw%3D1536%26u_cd%3D24%26u_sd%3D1.25%26dmc%3D8%26adx%3D175%26ady%3D1052%26biw%3D1519%26bih%3D754%26scr_x%3D0%26scr_y%3D0%26eid%3D44759927%252C44759842%252C44759876%252C31073770%252C44788443%26oid%3D2%26pvsid%3D232731587555987%26tmod%3D1357422795%26uas%3D0%26nvt%3D2%26ref%3Dhttps%253A%252F%252Fwww.google.com%252F%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1536%252C0%252C1536%252C824%252C1536%252C754%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26jar%3D2023-04-15-12%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3D1Vv6r9uXdy%26p%3Dhttps%253A%2F%2Flolwot.com%26dtd%3D6&w=160&h=600&bi=B09SqE86xuZGU3K7AYylJ1Sgon-pr_kmBSlNxlJ0WapB2baJdWSBxu6fY0B1KsloPZmeP-WGpTv8-om-tOuYc1siI3awrHwnh4NQTwthOvYX4aY6o9uvfYdZXQitM4r7HmSHeVvfMEEm6PCY92CvbYhrM8ZnV-ICooege5-LADXstIYHY9SB_9R5tgrbnXLtvmWRL75trRElH4Qw3-UJxaisXMgp9LMDHl8gJ8iYw4p3-4&price=Zbkl3wAEl8cIaBq_AAnCwUib_fllywj63u3Faw&PG=F&didtype=UNK&seller_id=pub-7820916800218761&campaignKey=b14u01RE4OvSWBWaghYS&bidderZone=ethos833-prod-va6&bidderGroup=rtb-bidder-first&env=site&conn=ethernet&s=H4sIAAAAAAAAAAGwAE__DyrTjhcwp4t9FhEU_ifwjqVgFEEPS99-Q_YYseKYPtCCUuCZk9BNIXv59V4S3mR3-4Du0hnnltx4SYF7p-Q__UT9ex-bUAXnW3rwntWb9ys_3gg3c4EJ6LBQYFkFGUVd629T7n_dS1Ss6OPR1WWLLhZrX8tzvnvFUNUugZcnNJZr4vCIChoiO1q3Tkhkk9itBmZzN_YfCpDAqkN3swXXH9m-BbnJAzPr19ojU85Al5_kcnq-sAAAAA&date=1706632671363&auth=2f1e0118709180968a2b7ad9f0646a50&vinst=t&rurl=https%3A%2F%2Fbuzzstormer.com%2F&wd=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 30 Jan 2024 16:37:51 GMT
via
1.1 varnish
x-pt
P=439
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region
US-East
content-length
85
x-served-by
cache-mia-kmia1760056-MIA
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Tue, 30 Jan 2024 16:37:51 UTC
afr.php
ads.us.criteo.com/delivery/r/ Frame 5220 		54 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=Zbkl3wAEmhIIaA2VAATFwH8x82ljpQYe5scAfQ&u=%7CISTyji6OVmW%2FOkAgBsilBHe81C5wYISvnopfeabVOss%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlXEk8QJpwBMaAHr5PIs7yZk8wUJV2EU_kmoOD52CGbXAo4Ftii950rm1YObOlQd6ooQDGjWQtMi5SHrVXWGzM_I-D2cEBtHPFLtNz4EypdZe2eJJwdCNk0hC7a0-mfzx_p1GgbRjdtgx_Cump3xI41Ry-hQUhHnubb9RE7gyAnddQwKJBYFK5PSUJYbyUtsUfPml1cNXmJf9JG8UiRJ70LuaII-9fnt3qsJiZ3QAIndA28GUZtsAGBdqRjYJxvafxPZAvvcgBPuhm1Wz8dwktyFtCt54S3HIV_TwFxBHdAw1r5EJPYEyPHI1Hlm9hUyBgg4Y9IOwA3uJ2QS1vN1Fq2QaKR4ckrTmXnHYhV8GTSw8kCgFPNM-yCRXZKnzjVGD7ysD6Gw_GwZMixlfYyDsAcupRWGooDfXG5gl-ZCCuivVq21ECMYWYzU9vJxQVQsGtl_zWy-D5fEU7LTDQ-Ux3ofrkcleEGEtltSW_k0PXJ7gVah4Ewnox_ixQCHngGq--Kl62aEHVuy39YusNh1tj5GbDXbNr7l0pf3IS085GCXQdeVoTEzdkW-l8GDLwIxlmsDKU5KvdtH2Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSYcq3yW5ZZK0EpWboPMPwIuT4A6cge-wXKLKp6p0wI23ARABIABgyYaAgMCkjBCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0DSYElwnJfOBdS6x5U_tJixqLiEyyPe6ZtHTv3efEH6xtesbX_TMoskUjYKSoy5-IIjDdzTehIDACAIh4S8RA7dpGWMmZ7njMcW8yzVY6t5_VMEjJdIJcAgWdjCcquQo1Y9wZkK3jQO3qtDAfwjB2aaRSMqOIKKuyBJ4zWRHLP6ljcruv1xNNzP0rLdUMilRkCLR72Y1LlIcqoeBi9ak2y-qu7f_1VDhpmEuYF7ucZQsKBakLbuEe8wZUQ3w9eH6h2nGXus4VzSLAiWSpbWsw_jm1nIju1Ov9fLdK0WepBwnVoAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WMyCipHGhYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3hXnkPKwZhOORSGQbEYvm5ERWVHQ%26client%3Dca-pub-7820916800218761%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 16:37:50 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=RSZEsAbvjpKHqw5sjTSgpHQnqsOaB8fffsI_GrmWAMgLzUGmULBZ3THz7zykbgq4XakaXOQDe92o2q7rfvqIoxFthq1UEWFLrVSxeV5HUu_0teZQVtKNnLG--IdwCu_ukWv71qGrQSA7R1-b9gP745HoHyagSAVNQQfSzhSN3S8NV6ndhJwXZMs6xaoJABnj51yxokJTWWSkojYRRr5mgXtKsL49-EszGxoY-vTbyiKr1nxmgHt2m6mmk9PtSlwW3lxvJw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
5802671
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
placement.js
displayf-tm.everesttech.net/feed/ Frame 8E6B 		22 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://displayf-tm.everesttech.net/feed/placement.js?id=Xf6e2yqPYRavegdigOp6&site_id=HM0m9MWSkXJ9ZTd6IN2t&rand=-6666329583056499839&tm_auction_id=6OKPmL-NEe6DJMpN7FUD5A.1-1.MB&didtype=UNK&bi=B09sWklQ5N4zidZhenyRmuFMTlIH_ksaVnVz6mx_hxnMcjaJdWSBxu6fY0B1KsloPZmeP-WGpTv8-om-tOuYc1siI3awrHwnh4NQTwthOvYX4aY6o9uvfYdZXQitM4r7HmSHeVvfMEEm6PCY92CvbYhrM8ZnV-ICooege5-LADXstIYHY9SB_9R5tgrbnXLtvmWRL75trRElH4Qw3-UJxaisXMgp9LMDHl8gJ8iYw4p3-4&page_url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&seller_id=pub-7820916800218761&tm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.224+Safari%2F537.36&q=H4sIAAAAAAAAAGVSO2zTUBSt7SZpIyRKFASKQDIVEk2FHX_iZ7sdStL8aOo4qpOm7ebEL8lTnNi1nU8ZKybGCpawgMQEiIFOdGFholtZECNICDFVXZDKAKEpEhJ3uMPVPecenXOnGxXu8Mfj7qvLb4r3r0Xe-YLz3o4N6YZlNUyo28ila1Y7VkWGAR06YWjQ6UFnDW53oeuFHvmufpicDW_UAeR2touba3oPNgzUUG0w9_DwKcaFBSQqWzt2Zx1lUwrKsOsVoS-9_PrlxcVkuF5LZRvNuiV2lVpXarc2cgN3D_MU6x4yTT0m0Aw5V0Edw-q7ZKFEsgzNLJKjAYgvkgMQj5IJ2zZhBVbzyIsJvEjzgJzL50rK6m3SRC1IZmGtZUXJ5aZjtWGM5UYENGBkmea4OKnpdd1B57ghRnIMV9cFhpWqApB5GBdluQ5lIEtQFvU4EA6w60DNF9urVCENQWpFsQtippwSEjRLsbSSfI8R5UL-CAt0O62O1e98wgL9sfjvGDv1dngzFM4pTFtWKlprY0XeKhngboHzIkHTMvuW98dmEpcnzup46QQL290qJUocI7NAYhiOlUTAnmLhKhvvMuxaOq72tEqyojeam9oufgl6TcuVeJ6yHcugejrYw2ccr0qNk6PqyHG95_ikizz4Gp8abUOnA70TPBr8Hxryj1GzF3iaobRCoqjl1NIpHgj64MA2vV1iKegff8jMcD8YIcpaavZPi_6Vv0Cgtp28khkZnx54o1O6WXRQDWbPQMXpB8TEkDinOCBuBfGyFsIzqxFC4KR5H8-PYuAC2bS6rKbSC_6sqmZX03ewI8LP8wLH8p-Jf1z7RjzBjomPk6dEwIBuy7PsG-s_Ne3Zr333N_3SaMreAgAA&click_url=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQdQv3yW5ZcezEuTJoPMPp6KPsAu835z0XK6C25dSwI23ARABIABgyebQi8Sk_A-CARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE5AFP0AUVyzD88jXpEg66c5oDw8eCt6GbnkScnGULKOgS57jM4uCJgEQI5wUFIPqHo_9ZQ7LuvR5cGegNH1ABsYIwadAivrvpeT-kVDWBTVSTxSfFqQXYqbz6uUCozgV9uyl_NZvwWfRnp6TEgSA0hRTEscoIOFRLyV-oK9Hx_XLTSHwwK_i8YgeFLnV7dNyWunRNaNqfZXkom35cBkJZkFT5o-cgTfoeeODLBjK8gW1Tu2Bbi-sQXrpuBHK24QGHMPy7AMhZP5bCSErzik7tWDoz7Ou6Hv8_k4IzuoxcHXS2QTwuLoiABpHx6tad-szFwQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY2f2JkcaFhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3PsY5QIMY_DToWcTcLzG9AyqtjDA%26client%3Dca-pub-7820916800218761%26adurl%3D&tm_os_group=windows&tm_device_group=unknown
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
adobe /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 30 Jan 2024 16:37:51 GMT
content-encoding
gzip
via
1.1 varnish
x-pt
P=2252 0=0
x-cache
MISS
x-region
US-East
x-served-by
cache-mia-kmia1760032-MIA
server
adobe
x-timer
S1706632672.703060,VS0,VE29
x-failover
none
vary
Accept-Encoding, User-Agent
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 8E6B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 06:16:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
37299
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 06:16:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 8E6B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 06:16:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
37299
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 06:16:12 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8E6B 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 16:37:51 GMT
e.png
rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net/rtb/ Frame 8E6B 		85 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net/rtb/e.png?e=win&aid=6OKPmL-NEe6DJMpN7FUD5A.1-1.MB&cp=2647444&slot=1&x_price=Zbkl3wAEmccIaCTkAAPRJ8YJZYED4FzTseu6MQ&ets=1706632671355&tz=America%2FNew_York&source=google&country=US&region=FL&mc=48&ap=0&ut=0&vis=UNKNOWN&site=HM0m9MWSkXJ9ZTd6IN2t&bp=170394&curr=USD&exr=1.0&fid=Xf6e2yqPYRavegdigOp6&c=4118344492&ccurr=USD&cuxr=1.0&a=461650&ca=727690&st=DISPLAY&sh=600&sw=160&rid=4188&mp=9&psk=HM0m9MWSkXJ9ZTd6IN2t&cfc=0&cfci=0&dur=-1&cityid=-1&metroid=122&countryid=232&postalid=14503&didtype=UNK&duration=180&v=1&auth=RrFQ-MlAsg8xeKk6e3JSxmxSpv4&x_r=wNdWgw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.22.198.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-198-224.compute-1.amazonaws.com
Software
adobe /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 16:37:51 GMT
x-pt
P=129 0=0
server
adobe
content-type
image/png
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
imp
statsf-tm.everesttech.net/stats/1/ Frame 8E6B 		85 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/imp?sessId=6OKPmL-NEe6DJMpN7FUD5A.1-1.MB&cpKey=5i7MZypnViGDMiF1VW5w&mpKey=Xf6e2yqPYRavegdigOp6&adKey=fcDGghfo7uMcu8mkXHxs&psId=HM0m9MWSkXJ9ZTd6IN2t&burl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7820916800218761%26output%3Dhtml%26h%3D600%26adk%3D3209154675%26adf%3D4043039345%26pi%3Dt.aa~a.4236442960~rp.1%26w%3D300%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1681580591%26rafmt%3D1%26to%3Dqs%26pwprc%3D3548874890%26format%3D300x600%26url%3Dhttps%253A%252F%252Flolwot.com%252F10-easy-methods-to-make-extra-cash%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26adsid%3DChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE%26uach%3DWyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd%26dt%3D1681580591901%26bpp%3D2%26bdt%3D1456%26idt%3D-M%26shv%3Dr20230412%26mjsv%3Dm202304110101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Df317d07e87cadccd-22695f1c2cdf0037%253AT%253D1681580591%253ART%253D1681580591%253AS%253DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw%26gpic%3DUID%253D00000bf4db70eedd%253AT%253D1681580591%253ART%253D1681580591%253AS%253DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D1724404121286%26frm%3D20%26pv%3D1%26ga_vid%3D351234906.1681580587%26ga_sid%3D1681580591%26ga_hid%3D1124025909%26ga_fc%3D1%26u_tz%3D330%26u_his%3D1%26u_h%3D864%26u_w%3D1536%26u_ah%3D824%26u_aw%3D1536%26u_cd%3D24%26u_sd%3D1.25%26dmc%3D8%26adx%3D175%26ady%3D1052%26biw%3D1519%26bih%3D754%26scr_x%3D0%26scr_y%3D0%26eid%3D44759927%252C44759842%252C44759876%252C31073770%252C44788443%26oid%3D2%26pvsid%3D232731587555987%26tmod%3D1357422795%26uas%3D0%26nvt%3D2%26ref%3Dhttps%253A%252F%252Fwww.google.com%252F%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1536%252C0%252C1536%252C824%252C1536%252C754%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26jar%3D2023-04-15-12%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3D1Vv6r9uXdy%26p%3Dhttps%253A%2F%2Flolwot.com%26dtd%3D6&w=160&h=600&bi=B09sWklQ5N4zidZhenyRmuFMTlIH_ksaVnVz6mx_hxnMcjaJdWSBxu6fY0B1KsloPZmeP-WGpTv8-om-tOuYc1siI3awrHwnh4NQTwthOvYX4aY6o9uvfYdZXQitM4r7HmSHeVvfMEEm6PCY92CvbYhrM8ZnV-ICooege5-LADXstIYHY9SB_9R5tgrbnXLtvmWRL75trRElH4Qw3-UJxaisXMgp9LMDHl8gJ8iYw4p3-4&price=Zbkl3wAEmccIaCTkAAPRJ8YJZYED4FzTseu6MQ&PG=F&didtype=UNK&seller_id=pub-7820916800218761&campaignKey=b14u01RE4OvSWBWaghYS&bidderZone=ethos833-prod-va6&bidderGroup=rtb-bidder-first&env=site&conn=ethernet&s=H4sIAAAAAAAAAAGwAE__mIBGmMmAtR9MdxK9TG4alrGi5tUjsMiF5o23vjW7_HIR-MTbzv64ld7438KlrydyJmFA61vdDjmi0Oj-dRTqiD6NDVKsYikuG9PmVK6J4OvoymvyRfHfM_xavqcAlvdWWfKdmIeToFTcwdfHBxB9mmh78Imzc3zu3Kqr8b7_zzgxtIxvoAjWeuyZkuSNROIaTGl9yAcNP17JAv9YmO-7gelANHJSMtrCZPg2YueofIRbMntMsAAAAA&date=1706632671356&auth=855d75be35588bf30118b00c66f4a0c7&vinst=t&rurl=https%3A%2F%2Fbuzzstormer.com%2F&wd=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 30 Jan 2024 16:37:51 GMT
via
1.1 varnish
x-pt
P=300
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region
US-East
content-length
85
x-served-by
cache-mia-kmia1760056-MIA
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Tue, 30 Jan 2024 16:37:51 UTC
afr.php
ads.us.criteo.com/delivery/r/ Frame D394 		55 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=Zbkl3wAEm3EIaCWKAA_WtWQnDy7U6gc7PYVlZg&u=%7CISTyji6OVmW9pzoQEg1k9AfPmw9Y9PQjQ%2Bmn21gPZ2g%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlXEk8QJpwBMaC1BcwIaX16mKCGYi6kWoJrNQqOZILwIv8FHLCimXkwSb2P-jEltw7wK3qPyr60UuTkoT7Rsu7S2ruKFNEW4g1Yb585LkRbVh21I58oc-XkvjMk1wisMlXhAkvrlXg6Z920PnEC06H4zFHbOXS8PNAyKkhexHDnnIUV0VttKMMB6E_sm8C2wSxO273Zqu391kayTG18ymSWVzcMlVSpA-HdpDfAA5S3e70j8B0mfCHLnCCMCuAlrVnpU45WuCm-qiQJe5nmXLqY-_ygPDghAZavcY6-CiVw8f0SaIOjV9d1FgaEzAr43eOaQx-xpvnb0HAgaVlcMB57ljAhe5XWR2OIH0xoDM4qxH-PToezHxX9ZCl34GqXjF0tXKpRkPMwuRzm8xB6EwnVA4yD4Krlh6N8i2w_72jgvZCDFgb_-jLjRUjTOnr25LYgbEwdVVe51pUlDMEO8-OuobbJKPtWRU148_IgyrRubvY4R0T2UY53JdZthv-R1cNaAi3iwM4XuI3VaIPbjqpUQoWufmdriymDCoAUxoXQjEH4G2_58diGA4YoWyuNpBQF9AWnwGxIE5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv4Og3yW5ZfG2EorLoPMPta2_sAmcge-wXKLKp6p0wI23ARABIABgyebQi8Sk_A-CARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0AhykRgDDeIdK1oIYNP3P9foR5zwI6ajP2hF-FXP0IkxyILb1wHqZhHZQB0XwX5YFfoHUutccoIe9WESUS0nf5LhdiCZVHckZyfdWv16ICFqYdPIn-bzxjnOJKtbkp8LEdiwrY7Yps-gF6cNN7bzqXiNJbBA-LUq1zl_TLV_NFlowIxQfuva2TC5yqJx1QXrhQCWy8IEVcDo79FzrGs1Z98GFyDYlAaNx3ogE555gucrFw-yAEV6elr1SMMSkWn1ICjgixu9zzgIH_6yEoZV5PNmypKfNqVjYYyE02ouVwxrtYAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJiAipHGhYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09aXAXgu1gmXEI87WXSarM_j-Zww%26client%3Dca-pub-7820916800218761%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 16:37:51 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=n6afAQbvjpKHqw5sdQAjqO4mH9DhGcdqaRBwIOoALSEan896tGyy6nRFuR6Xsy_l9Srwhly7yZje-8wTkesTl7-RRY63MexM0WvgDN-mnWU8yFAdVua1D_N_yLfgr5OXnTkoyBpva9W5fUzFWx8b2UjOftytri6aAgNMzcvzLhQcDazh7mxS8IXL1_5X-ddxcIBaBJQI-sP7p3LB8GJGCHW2tG2TJT4U9RsmyCZkpxNqVYYyfIL0QBlcTvnmJQ_6cQ-tjQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
13370266
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame CE06 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 06:16:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
37299
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 06:16:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame CE06 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 06:16:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
37299
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 06:16:12 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame CE06 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 16:37:51 GMT
/
happy-dune-05109f110.4.azurestaticapps.net/ 		1 KB
844 B 		Document
General
Check archive.org
Download Go to
Full URL
https://happy-dune-05109f110.4.azurestaticapps.net/?bcda=+1-888-682-5032
Requested by
Host: trkrcom.com
URL: https://trkrcom.com/js/13b393ebb3f57900157d2d9b2fbbfc0a69f2e918.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.22.31.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buzzstormer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
public, must-revalidate, max-age=30
content-encoding
br
content-type
text/html
date
Tue, 30 Jan 2024 16:37:51 GMT
etag
"57050848"
last-modified
Tue, 30 Jan 2024 15:21:16 GMT
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
privacy_small.svg
static.criteo.net/flash/icon/ Frame 5220 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zbkl3wAEmhIIaA2VAATFwH8x82ljpQYe5scAfQ&u=%7CISTyji6OVmW%2FOkAgBsilBHe81C5wYISvnopfeabVOss%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlXEk8QJpwBMaAHr5PIs7yZk8wUJV2EU_kmoOD52CGbXAo4Ftii950rm1YObOlQd6ooQDGjWQtMi5SHrVXWGzM_I-D2cEBtHPFLtNz4EypdZe2eJJwdCNk0hC7a0-mfzx_p1GgbRjdtgx_Cump3xI41Ry-hQUhHnubb9RE7gyAnddQwKJBYFK5PSUJYbyUtsUfPml1cNXmJf9JG8UiRJ70LuaII-9fnt3qsJiZ3QAIndA28GUZtsAGBdqRjYJxvafxPZAvvcgBPuhm1Wz8dwktyFtCt54S3HIV_TwFxBHdAw1r5EJPYEyPHI1Hlm9hUyBgg4Y9IOwA3uJ2QS1vN1Fq2QaKR4ckrTmXnHYhV8GTSw8kCgFPNM-yCRXZKnzjVGD7ysD6Gw_GwZMixlfYyDsAcupRWGooDfXG5gl-ZCCuivVq21ECMYWYzU9vJxQVQsGtl_zWy-D5fEU7LTDQ-Ux3ofrkcleEGEtltSW_k0PXJ7gVah4Ewnox_ixQCHngGq--Kl62aEHVuy39YusNh1tj5GbDXbNr7l0pf3IS085GCXQdeVoTEzdkW-l8GDLwIxlmsDKU5KvdtH2Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSYcq3yW5ZZK0EpWboPMPwIuT4A6cge-wXKLKp6p0wI23ARABIABgyYaAgMCkjBCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0DSYElwnJfOBdS6x5U_tJixqLiEyyPe6ZtHTv3efEH6xtesbX_TMoskUjYKSoy5-IIjDdzTehIDACAIh4S8RA7dpGWMmZ7njMcW8yzVY6t5_VMEjJdIJcAgWdjCcquQo1Y9wZkK3jQO3qtDAfwjB2aaRSMqOIKKuyBJ4zWRHLP6ljcruv1xNNzP0rLdUMilRkCLR72Y1LlIcqoeBi9ak2y-qu7f_1VDhpmEuYF7ucZQsKBakLbuEe8wZUQ3w9eH6h2nGXus4VzSLAiWSpbWsw_jm1nIju1Ov9fLdK0WepBwnVoAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WMyCipHGhYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3hXnkPKwZhOORSGQbEYvm5ERWVHQ%26client%3Dca-pub-7820916800218761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Jan 2025 16:37:52 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 5220 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zbkl3wAEmhIIaA2VAATFwH8x82ljpQYe5scAfQ&u=%7CISTyji6OVmW%2FOkAgBsilBHe81C5wYISvnopfeabVOss%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlXEk8QJpwBMaAHr5PIs7yZk8wUJV2EU_kmoOD52CGbXAo4Ftii950rm1YObOlQd6ooQDGjWQtMi5SHrVXWGzM_I-D2cEBtHPFLtNz4EypdZe2eJJwdCNk0hC7a0-mfzx_p1GgbRjdtgx_Cump3xI41Ry-hQUhHnubb9RE7gyAnddQwKJBYFK5PSUJYbyUtsUfPml1cNXmJf9JG8UiRJ70LuaII-9fnt3qsJiZ3QAIndA28GUZtsAGBdqRjYJxvafxPZAvvcgBPuhm1Wz8dwktyFtCt54S3HIV_TwFxBHdAw1r5EJPYEyPHI1Hlm9hUyBgg4Y9IOwA3uJ2QS1vN1Fq2QaKR4ckrTmXnHYhV8GTSw8kCgFPNM-yCRXZKnzjVGD7ysD6Gw_GwZMixlfYyDsAcupRWGooDfXG5gl-ZCCuivVq21ECMYWYzU9vJxQVQsGtl_zWy-D5fEU7LTDQ-Ux3ofrkcleEGEtltSW_k0PXJ7gVah4Ewnox_ixQCHngGq--Kl62aEHVuy39YusNh1tj5GbDXbNr7l0pf3IS085GCXQdeVoTEzdkW-l8GDLwIxlmsDKU5KvdtH2Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSYcq3yW5ZZK0EpWboPMPwIuT4A6cge-wXKLKp6p0wI23ARABIABgyYaAgMCkjBCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0DSYElwnJfOBdS6x5U_tJixqLiEyyPe6ZtHTv3efEH6xtesbX_TMoskUjYKSoy5-IIjDdzTehIDACAIh4S8RA7dpGWMmZ7njMcW8yzVY6t5_VMEjJdIJcAgWdjCcquQo1Y9wZkK3jQO3qtDAfwjB2aaRSMqOIKKuyBJ4zWRHLP6ljcruv1xNNzP0rLdUMilRkCLR72Y1LlIcqoeBi9ak2y-qu7f_1VDhpmEuYF7ucZQsKBakLbuEe8wZUQ3w9eH6h2nGXus4VzSLAiWSpbWsw_jm1nIju1Ov9fLdK0WepBwnVoAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WMyCipHGhYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3hXnkPKwZhOORSGQbEYvm5ERWVHQ%26client%3Dca-pub-7820916800218761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Jan 2025 16:37:52 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 5220 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zbkl3wAEmhIIaA2VAATFwH8x82ljpQYe5scAfQ&u=%7CISTyji6OVmW%2FOkAgBsilBHe81C5wYISvnopfeabVOss%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlXEk8QJpwBMaAHr5PIs7yZk8wUJV2EU_kmoOD52CGbXAo4Ftii950rm1YObOlQd6ooQDGjWQtMi5SHrVXWGzM_I-D2cEBtHPFLtNz4EypdZe2eJJwdCNk0hC7a0-mfzx_p1GgbRjdtgx_Cump3xI41Ry-hQUhHnubb9RE7gyAnddQwKJBYFK5PSUJYbyUtsUfPml1cNXmJf9JG8UiRJ70LuaII-9fnt3qsJiZ3QAIndA28GUZtsAGBdqRjYJxvafxPZAvvcgBPuhm1Wz8dwktyFtCt54S3HIV_TwFxBHdAw1r5EJPYEyPHI1Hlm9hUyBgg4Y9IOwA3uJ2QS1vN1Fq2QaKR4ckrTmXnHYhV8GTSw8kCgFPNM-yCRXZKnzjVGD7ysD6Gw_GwZMixlfYyDsAcupRWGooDfXG5gl-ZCCuivVq21ECMYWYzU9vJxQVQsGtl_zWy-D5fEU7LTDQ-Ux3ofrkcleEGEtltSW_k0PXJ7gVah4Ewnox_ixQCHngGq--Kl62aEHVuy39YusNh1tj5GbDXbNr7l0pf3IS085GCXQdeVoTEzdkW-l8GDLwIxlmsDKU5KvdtH2Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSYcq3yW5ZZK0EpWboPMPwIuT4A6cge-wXKLKp6p0wI23ARABIABgyYaAgMCkjBCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0DSYElwnJfOBdS6x5U_tJixqLiEyyPe6ZtHTv3efEH6xtesbX_TMoskUjYKSoy5-IIjDdzTehIDACAIh4S8RA7dpGWMmZ7njMcW8yzVY6t5_VMEjJdIJcAgWdjCcquQo1Y9wZkK3jQO3qtDAfwjB2aaRSMqOIKKuyBJ4zWRHLP6ljcruv1xNNzP0rLdUMilRkCLR72Y1LlIcqoeBi9ak2y-qu7f_1VDhpmEuYF7ucZQsKBakLbuEe8wZUQ3w9eH6h2nGXus4VzSLAiWSpbWsw_jm1nIju1Ov9fLdK0WepBwnVoAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WMyCipHGhYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3hXnkPKwZhOORSGQbEYvm5ERWVHQ%26client%3Dca-pub-7820916800218761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 24 Jan 2025 16:37:52 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 5220 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zbkl3wAEmhIIaA2VAATFwH8x82ljpQYe5scAfQ&u=%7CISTyji6OVmW%2FOkAgBsilBHe81C5wYISvnopfeabVOss%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlXEk8QJpwBMaAHr5PIs7yZk8wUJV2EU_kmoOD52CGbXAo4Ftii950rm1YObOlQd6ooQDGjWQtMi5SHrVXWGzM_I-D2cEBtHPFLtNz4EypdZe2eJJwdCNk0hC7a0-mfzx_p1GgbRjdtgx_Cump3xI41Ry-hQUhHnubb9RE7gyAnddQwKJBYFK5PSUJYbyUtsUfPml1cNXmJf9JG8UiRJ70LuaII-9fnt3qsJiZ3QAIndA28GUZtsAGBdqRjYJxvafxPZAvvcgBPuhm1Wz8dwktyFtCt54S3HIV_TwFxBHdAw1r5EJPYEyPHI1Hlm9hUyBgg4Y9IOwA3uJ2QS1vN1Fq2QaKR4ckrTmXnHYhV8GTSw8kCgFPNM-yCRXZKnzjVGD7ysD6Gw_GwZMixlfYyDsAcupRWGooDfXG5gl-ZCCuivVq21ECMYWYzU9vJxQVQsGtl_zWy-D5fEU7LTDQ-Ux3ofrkcleEGEtltSW_k0PXJ7gVah4Ewnox_ixQCHngGq--Kl62aEHVuy39YusNh1tj5GbDXbNr7l0pf3IS085GCXQdeVoTEzdkW-l8GDLwIxlmsDKU5KvdtH2Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSYcq3yW5ZZK0EpWboPMPwIuT4A6cge-wXKLKp6p0wI23ARABIABgyYaAgMCkjBCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0DSYElwnJfOBdS6x5U_tJixqLiEyyPe6ZtHTv3efEH6xtesbX_TMoskUjYKSoy5-IIjDdzTehIDACAIh4S8RA7dpGWMmZ7njMcW8yzVY6t5_VMEjJdIJcAgWdjCcquQo1Y9wZkK3jQO3qtDAfwjB2aaRSMqOIKKuyBJ4zWRHLP6ljcruv1xNNzP0rLdUMilRkCLR72Y1LlIcqoeBi9ak2y-qu7f_1VDhpmEuYF7ucZQsKBakLbuEe8wZUQ3w9eH6h2nGXus4VzSLAiWSpbWsw_jm1nIju1Ov9fLdK0WepBwnVoAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WMyCipHGhYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3hXnkPKwZhOORSGQbEYvm5ERWVHQ%26client%3Dca-pub-7820916800218761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 24 Jan 2025 16:37:52 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 5220 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=2sAHjYAc6Uhv1mEB-BrN-muAVB-EgJkGNxIS1tSI_fY-ora72XuS4GFlpOZOc0t0xcHhhcYDVH6WZOJ7fxgSK3nzKXkxFNJFyIMzTglM_h5o1SeYZyM1w8PpVH5J-6s_kpB3Gd-UxvB3B3tJMSukFZFsK9lKb_VQgARvqCTFQ79rLnlT9nbYZu_CH2sC-TuaPN9CBUpnnXWGrS_744Q7L_PTSWJRf1NuSZOU6jrE_CWy-AUxG2fZwAjmJs-ul0UVnJ_Oi0tlinJKbsERKsQaqEHldugkBKmuElErSN6k4_nB8M-jucpGo9f7yYaueY5M4cvcbG_b63pLtfb7OHRfA4XVS9l6DDXbmSR-Sye79bNp342Q_W5S8_wGlmaZQOLo4mLMYNZbMMaXqQ5Q0yb7MBeeF6eQywOKR_-x2cUd8FXVzOmzVDHNP71CPwSQFAepxhLc9g
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zbkl3wAEmhIIaA2VAATFwH8x82ljpQYe5scAfQ&u=%7CISTyji6OVmW%2FOkAgBsilBHe81C5wYISvnopfeabVOss%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlXEk8QJpwBMaAHr5PIs7yZk8wUJV2EU_kmoOD52CGbXAo4Ftii950rm1YObOlQd6ooQDGjWQtMi5SHrVXWGzM_I-D2cEBtHPFLtNz4EypdZe2eJJwdCNk0hC7a0-mfzx_p1GgbRjdtgx_Cump3xI41Ry-hQUhHnubb9RE7gyAnddQwKJBYFK5PSUJYbyUtsUfPml1cNXmJf9JG8UiRJ70LuaII-9fnt3qsJiZ3QAIndA28GUZtsAGBdqRjYJxvafxPZAvvcgBPuhm1Wz8dwktyFtCt54S3HIV_TwFxBHdAw1r5EJPYEyPHI1Hlm9hUyBgg4Y9IOwA3uJ2QS1vN1Fq2QaKR4ckrTmXnHYhV8GTSw8kCgFPNM-yCRXZKnzjVGD7ysD6Gw_GwZMixlfYyDsAcupRWGooDfXG5gl-ZCCuivVq21ECMYWYzU9vJxQVQsGtl_zWy-D5fEU7LTDQ-Ux3ofrkcleEGEtltSW_k0PXJ7gVah4Ewnox_ixQCHngGq--Kl62aEHVuy39YusNh1tj5GbDXbNr7l0pf3IS085GCXQdeVoTEzdkW-l8GDLwIxlmsDKU5KvdtH2Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSYcq3yW5ZZK0EpWboPMPwIuT4A6cge-wXKLKp6p0wI23ARABIABgyYaAgMCkjBCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0DSYElwnJfOBdS6x5U_tJixqLiEyyPe6ZtHTv3efEH6xtesbX_TMoskUjYKSoy5-IIjDdzTehIDACAIh4S8RA7dpGWMmZ7njMcW8yzVY6t5_VMEjJdIJcAgWdjCcquQo1Y9wZkK3jQO3qtDAfwjB2aaRSMqOIKKuyBJ4zWRHLP6ljcruv1xNNzP0rLdUMilRkCLR72Y1LlIcqoeBi9ak2y-qu7f_1VDhpmEuYF7ucZQsKBakLbuEe8wZUQ3w9eH6h2nGXus4VzSLAiWSpbWsw_jm1nIju1Ov9fLdK0WepBwnVoAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WMyCipHGhYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3hXnkPKwZhOORSGQbEYvm5ERWVHQ%26client%3Dca-pub-7820916800218761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 16:37:51 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1842415
expires
Mon, 26 Jul 1997 05:00:00 GMT
e2905a77f2614b66a32992480275d2b7_image_ad_300x250.gif
static.criteo.net/design/dt/108469/5184478/ Frame 5220 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/108469/5184478/e2905a77f2614b66a32992480275d2b7_image_ad_300x250.gif
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zbkl3wAEmhIIaA2VAATFwH8x82ljpQYe5scAfQ&u=%7CISTyji6OVmW%2FOkAgBsilBHe81C5wYISvnopfeabVOss%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlXEk8QJpwBMaAHr5PIs7yZk8wUJV2EU_kmoOD52CGbXAo4Ftii950rm1YObOlQd6ooQDGjWQtMi5SHrVXWGzM_I-D2cEBtHPFLtNz4EypdZe2eJJwdCNk0hC7a0-mfzx_p1GgbRjdtgx_Cump3xI41Ry-hQUhHnubb9RE7gyAnddQwKJBYFK5PSUJYbyUtsUfPml1cNXmJf9JG8UiRJ70LuaII-9fnt3qsJiZ3QAIndA28GUZtsAGBdqRjYJxvafxPZAvvcgBPuhm1Wz8dwktyFtCt54S3HIV_TwFxBHdAw1r5EJPYEyPHI1Hlm9hUyBgg4Y9IOwA3uJ2QS1vN1Fq2QaKR4ckrTmXnHYhV8GTSw8kCgFPNM-yCRXZKnzjVGD7ysD6Gw_GwZMixlfYyDsAcupRWGooDfXG5gl-ZCCuivVq21ECMYWYzU9vJxQVQsGtl_zWy-D5fEU7LTDQ-Ux3ofrkcleEGEtltSW_k0PXJ7gVah4Ewnox_ixQCHngGq--Kl62aEHVuy39YusNh1tj5GbDXbNr7l0pf3IS085GCXQdeVoTEzdkW-l8GDLwIxlmsDKU5KvdtH2Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSYcq3yW5ZZK0EpWboPMPwIuT4A6cge-wXKLKp6p0wI23ARABIABgyYaAgMCkjBCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0DSYElwnJfOBdS6x5U_tJixqLiEyyPe6ZtHTv3efEH6xtesbX_TMoskUjYKSoy5-IIjDdzTehIDACAIh4S8RA7dpGWMmZ7njMcW8yzVY6t5_VMEjJdIJcAgWdjCcquQo1Y9wZkK3jQO3qtDAfwjB2aaRSMqOIKKuyBJ4zWRHLP6ljcruv1xNNzP0rLdUMilRkCLR72Y1LlIcqoeBi9ak2y-qu7f_1VDhpmEuYF7ucZQsKBakLbuEe8wZUQ3w9eH6h2nGXus4VzSLAiWSpbWsw_jm1nIju1Ov9fLdK0WepBwnVoAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WMyCipHGhYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3hXnkPKwZhOORSGQbEYvm5ERWVHQ%26client%3Dca-pub-7820916800218761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 15 Dec 2023 13:06:55 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"657c4f6f-1aa17"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
109079
expires
Fri, 24 Jan 2025 16:37:52 GMT
truncated
/ Frame F12F 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8E6B 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
displayproxy-20231031.js
playtime.tubemogul.com/ud/prod/ad_plugins/release/ Frame 7EB8 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20231031.js?auction_id=6OKPmL-NEe6DJMpN7FUD5A.1-1.MB
Requested by
Host: displayf-tm.everesttech.net
URL: https://displayf-tm.everesttech.net/feed/placement.js?id=Xf6e2yqPYRavegdigOp6&site_id=HM0m9MWSkXJ9ZTd6IN2t&rand=-6666329583056499839&tm_auction_id=6OKPmL-NEe6DJMpN7FUD5A.1-1.MB&didtype=UNK&bi=B09sWklQ5N4zidZhenyRmuFMTlIH_ksaVnVz6mx_hxnMcjaJdWSBxu6fY0B1KsloPZmeP-WGpTv8-om-tOuYc1siI3awrHwnh4NQTwthOvYX4aY6o9uvfYdZXQitM4r7HmSHeVvfMEEm6PCY92CvbYhrM8ZnV-ICooege5-LADXstIYHY9SB_9R5tgrbnXLtvmWRL75trRElH4Qw3-UJxaisXMgp9LMDHl8gJ8iYw4p3-4&page_url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&seller_id=pub-7820916800218761&tm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.224+Safari%2F537.36&q=H4sIAAAAAAAAAGVSO2zTUBSt7SZpIyRKFASKQDIVEk2FHX_iZ7sdStL8aOo4qpOm7ebEL8lTnNi1nU8ZKybGCpawgMQEiIFOdGFholtZECNICDFVXZDKAKEpEhJ3uMPVPecenXOnGxXu8Mfj7qvLb4r3r0Xe-YLz3o4N6YZlNUyo28ila1Y7VkWGAR06YWjQ6UFnDW53oeuFHvmufpicDW_UAeR2touba3oPNgzUUG0w9_DwKcaFBSQqWzt2Zx1lUwrKsOsVoS-9_PrlxcVkuF5LZRvNuiV2lVpXarc2cgN3D_MU6x4yTT0m0Aw5V0Edw-q7ZKFEsgzNLJKjAYgvkgMQj5IJ2zZhBVbzyIsJvEjzgJzL50rK6m3SRC1IZmGtZUXJ5aZjtWGM5UYENGBkmea4OKnpdd1B57ghRnIMV9cFhpWqApB5GBdluQ5lIEtQFvU4EA6w60DNF9urVCENQWpFsQtippwSEjRLsbSSfI8R5UL-CAt0O62O1e98wgL9sfjvGDv1dngzFM4pTFtWKlprY0XeKhngboHzIkHTMvuW98dmEpcnzup46QQL290qJUocI7NAYhiOlUTAnmLhKhvvMuxaOq72tEqyojeam9oufgl6TcuVeJ6yHcugejrYw2ccr0qNk6PqyHG95_ikizz4Gp8abUOnA70TPBr8Hxryj1GzF3iaobRCoqjl1NIpHgj64MA2vV1iKegff8jMcD8YIcpaavZPi_6Vv0Cgtp28khkZnx54o1O6WXRQDWbPQMXpB8TEkDinOCBuBfGyFsIzqxFC4KR5H8-PYuAC2bS6rKbSC_6sqmZX03ewI8LP8wLH8p-Jf1z7RjzBjomPk6dEwIBuy7PsG-s_Ne3Zr333N_3SaMreAgAA&click_url=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQdQv3yW5ZcezEuTJoPMPp6KPsAu835z0XK6C25dSwI23ARABIABgyebQi8Sk_A-CARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE5AFP0AUVyzD88jXpEg66c5oDw8eCt6GbnkScnGULKOgS57jM4uCJgEQI5wUFIPqHo_9ZQ7LuvR5cGegNH1ABsYIwadAivrvpeT-kVDWBTVSTxSfFqQXYqbz6uUCozgV9uyl_NZvwWfRnp6TEgSA0hRTEscoIOFRLyV-oK9Hx_XLTSHwwK_i8YgeFLnV7dNyWunRNaNqfZXkom35cBkJZkFT5o-cgTfoeeODLBjK8gW1Tu2Bbi-sQXrpuBHK24QGHMPy7AMhZP5bCSErzik7tWDoz7Ou6Hv8_k4IzuoxcHXS2QTwuLoiABpHx6tad-szFwQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY2f2JkcaFhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3PsY5QIMY_DToWcTcLzG9AyqtjDA%26client%3Dca-pub-7820916800218761%26adurl%3D&tm_os_group=windows&tm_device_group=unknown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.64 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mic/9B1B) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
last-modified
Tue, 31 Oct 2023 12:11:00 GMT
server
ECAcc (mic/9B1B)
age
15976
etag
"3106171132"
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
17475
expires
Wed, 31 Jan 2024 16:37:52 GMT
displayproxy-20231031.js
playtime.tubemogul.com/ud/prod/ad_plugins/release/ Frame 8782 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20231031.js?auction_id=6OMsDr-NEe6ghYLxPwNrew.1-1.MB
Requested by
Host: displayf-tm.everesttech.net
URL: https://displayf-tm.everesttech.net/feed/placement.js?id=Xf6e2yqPYRavegdigOp6&site_id=HM0m9MWSkXJ9ZTd6IN2t&rand=5945412734148800662&tm_auction_id=6OMsDr-NEe6ghYLxPwNrew.1-1.MB&didtype=UNK&bi=B09SqE86xuZGU3K7AYylJ1Sgon-pr_kmBSlNxlJ0WapB2baJdWSBxu6fY0B1KsloPZmeP-WGpTv8-om-tOuYc1siI3awrHwnh4NQTwthOvYX4aY6o9uvfYdZXQitM4r7HmSHeVvfMEEm6PCY92CvbYhrM8ZnV-ICooege5-LADXstIYHY9SB_9R5tgrbnXLtvmWRL75trRElH4Qw3-UJxaisXMgp9LMDHl8gJ8iYw4p3-4&page_url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&seller_id=pub-7820916800218761&tm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.224+Safari%2F537.36&q=H4sIAAAAAAAAAGVSPWzTYBCt7SZpIyRKFAREQjIVEk2FHf_EX-x2KE2TJtA4juK0acvkxF-cT3Fi13bilLETYqzKEhZYgQm2LixMMCC1C-oIEkKwVB0zkTZFQuKGG0733j29d9OxA_vWU2Pl-HrPLA9iHwPheW_XhrRhWYYJNRu5dN1qJ2pI16FDL-sqdHrQKcOdLnS9yPPAzePJ2ehmA0Bud6e0VdZ60NCRodhg7uDzK4yLCiglb-_anQ2Uy8hold2oCr749sf3N1fT0UY9kzOaDSvVletdsd3azPfdfcyTrSfINLWEQDPkXBV1dMt3yWKFZBmaWSRHA5BcJPsgGSeXbduEVVhbQ15C4FM0D8i5tXxFLtwnTdSCZA7WW1acXGk6VhsmWG5EQANGkmiOS5Kq1tAcdIkbYCTHcA1NYFixJgCJh8mUJDWgBCQRSiktCYRD7DZQZDfjUMUsBEZzq9Av-UUH-jRLsbSc_oQR68W1IyzU7bQ6lt85wUL-WPwvjJ36MLgbieZlpi3JVbW1-UjarujgYZHzYmHTMn3LO7eZxKWJizpdOsOidrdGpUSOkVggMgzHiinADrFojU12GbacTSo9tZquaiMl6h5-DXpNyxV5nrIdS6d6GtjHZxyvRo2ToxrIcb3X-KSLPPgOnxptQ6cDvTM8Hv4fGgmOUbNXeJqh1OJySc0rlSEeCgdg3za9PWIpHBx_yMzgfThGrKuZ2fMW_yt_gUBtO31jdWR8tu-NTmlmyUF1mLsAlaafERMD4pLikLgXxtfVCL5aiBECJ84HeH4UAxfKZZUVJZNdCOYUJVfIPsCOiCDPCxzLfyP-ce0n8RI7Jb5ODomQDt2WZ9l3xJPHvw9ffCn9ATkmmGjeAgAA&click_url=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPXOx3yW5ZcevEr-1oPMPwYWnyA2835z0XK6C25dSwI23ARABIABgyebQi8Sk_A-CARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE5AFP0HdE4kTzioOb8j8_byj1_aj6q2dVR8zGCeBBM3iKVtg_Grh8wmZA0nVVrRkyGx8-6V4-BX0it4Va225SaWt_Kvyr1G1zrG7TBX5ncFwkZSN8Tb6GBzVSb9luYesOiTYfxndOO8I2ky1Bv-gzP2sgZoDNy1s5_i2HNAibFScen29tN1s-YUreaX-VYwGXJaB2kljxXjQz6NOtvh00n34Aq57W-fqX8GBVs_YeD97pzlf5N486L-_NaRYx6-u4sgJHZ7keWzF9LrD8PRhqU6fSwzs3e3CIFoFxu-6PWRA4f2s5TOyABpHx6tad-szFwQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYp_-JkcaFhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0-cL7NJCUm_3jgKbSZgUMj7aRiaw%26client%3Dca-pub-7820916800218761%26adurl%3D&tm_os_group=windows&tm_device_group=unknown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.21.81.64 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mic/9B1B) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
last-modified
Tue, 31 Oct 2023 12:11:00 GMT
server
ECAcc (mic/9B1B)
age
15976
etag
"3106171132"
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
17475
expires
Wed, 31 Jan 2024 16:37:52 GMT
all
csm.us.criteo.net/ Frame 5220 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=RSZEsAbvjpKHqw5sjTSgpHQnqsOaB8fffsI_GrmWAMgLzUGmULBZ3THz7zykbgq4XakaXOQDe92o2q7rfvqIoxFthq1UEWFLrVSxeV5HUu_0teZQVtKNnLG--IdwCu_ukWv71qGrQSA7R1-b9gP745HoHyagSAVNQQfSzhSN3S8NV6ndhJwXZMs6xaoJABnj51yxokJTWWSkojYRRr5mgXtKsL49-EszGxoY-vTbyiKr1nxmgHt2m6mmk9PtSlwW3lxvJw&sds=2&rev=90409&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zbkl3wAEmhIIaA2VAATFwH8x82ljpQYe5scAfQ&u=%7CISTyji6OVmW%2FOkAgBsilBHe81C5wYISvnopfeabVOss%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlXEk8QJpwBMaAHr5PIs7yZk8wUJV2EU_kmoOD52CGbXAo4Ftii950rm1YObOlQd6ooQDGjWQtMi5SHrVXWGzM_I-D2cEBtHPFLtNz4EypdZe2eJJwdCNk0hC7a0-mfzx_p1GgbRjdtgx_Cump3xI41Ry-hQUhHnubb9RE7gyAnddQwKJBYFK5PSUJYbyUtsUfPml1cNXmJf9JG8UiRJ70LuaII-9fnt3qsJiZ3QAIndA28GUZtsAGBdqRjYJxvafxPZAvvcgBPuhm1Wz8dwktyFtCt54S3HIV_TwFxBHdAw1r5EJPYEyPHI1Hlm9hUyBgg4Y9IOwA3uJ2QS1vN1Fq2QaKR4ckrTmXnHYhV8GTSw8kCgFPNM-yCRXZKnzjVGD7ysD6Gw_GwZMixlfYyDsAcupRWGooDfXG5gl-ZCCuivVq21ECMYWYzU9vJxQVQsGtl_zWy-D5fEU7LTDQ-Ux3ofrkcleEGEtltSW_k0PXJ7gVah4Ewnox_ixQCHngGq--Kl62aEHVuy39YusNh1tj5GbDXbNr7l0pf3IS085GCXQdeVoTEzdkW-l8GDLwIxlmsDKU5KvdtH2Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSYcq3yW5ZZK0EpWboPMPwIuT4A6cge-wXKLKp6p0wI23ARABIABgyYaAgMCkjBCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0DSYElwnJfOBdS6x5U_tJixqLiEyyPe6ZtHTv3efEH6xtesbX_TMoskUjYKSoy5-IIjDdzTehIDACAIh4S8RA7dpGWMmZ7njMcW8yzVY6t5_VMEjJdIJcAgWdjCcquQo1Y9wZkK3jQO3qtDAfwjB2aaRSMqOIKKuyBJ4zWRHLP6ljcruv1xNNzP0rLdUMilRkCLR72Y1LlIcqoeBi9ak2y-qu7f_1VDhpmEuYF7ucZQsKBakLbuEe8wZUQ3w9eH6h2nGXus4VzSLAiWSpbWsw_jm1nIju1Ov9fLdK0WepBwnVoAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WMyCipHGhYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3hXnkPKwZhOORSGQbEYvm5ERWVHQ%26client%3Dca-pub-7820916800218761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 30 Jan 2024 16:37:51 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5220 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zbkl3wAEmhIIaA2VAATFwH8x82ljpQYe5scAfQ&u=%7CISTyji6OVmW%2FOkAgBsilBHe81C5wYISvnopfeabVOss%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlXEk8QJpwBMaAHr5PIs7yZk8wUJV2EU_kmoOD52CGbXAo4Ftii950rm1YObOlQd6ooQDGjWQtMi5SHrVXWGzM_I-D2cEBtHPFLtNz4EypdZe2eJJwdCNk0hC7a0-mfzx_p1GgbRjdtgx_Cump3xI41Ry-hQUhHnubb9RE7gyAnddQwKJBYFK5PSUJYbyUtsUfPml1cNXmJf9JG8UiRJ70LuaII-9fnt3qsJiZ3QAIndA28GUZtsAGBdqRjYJxvafxPZAvvcgBPuhm1Wz8dwktyFtCt54S3HIV_TwFxBHdAw1r5EJPYEyPHI1Hlm9hUyBgg4Y9IOwA3uJ2QS1vN1Fq2QaKR4ckrTmXnHYhV8GTSw8kCgFPNM-yCRXZKnzjVGD7ysD6Gw_GwZMixlfYyDsAcupRWGooDfXG5gl-ZCCuivVq21ECMYWYzU9vJxQVQsGtl_zWy-D5fEU7LTDQ-Ux3ofrkcleEGEtltSW_k0PXJ7gVah4Ewnox_ixQCHngGq--Kl62aEHVuy39YusNh1tj5GbDXbNr7l0pf3IS085GCXQdeVoTEzdkW-l8GDLwIxlmsDKU5KvdtH2Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSYcq3yW5ZZK0EpWboPMPwIuT4A6cge-wXKLKp6p0wI23ARABIABgyYaAgMCkjBCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0DSYElwnJfOBdS6x5U_tJixqLiEyyPe6ZtHTv3efEH6xtesbX_TMoskUjYKSoy5-IIjDdzTehIDACAIh4S8RA7dpGWMmZ7njMcW8yzVY6t5_VMEjJdIJcAgWdjCcquQo1Y9wZkK3jQO3qtDAfwjB2aaRSMqOIKKuyBJ4zWRHLP6ljcruv1xNNzP0rLdUMilRkCLR72Y1LlIcqoeBi9ak2y-qu7f_1VDhpmEuYF7ucZQsKBakLbuEe8wZUQ3w9eH6h2nGXus4VzSLAiWSpbWsw_jm1nIju1Ov9fLdK0WepBwnVoAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WMyCipHGhYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3hXnkPKwZhOORSGQbEYvm5ERWVHQ%26client%3Dca-pub-7820916800218761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Jan 2025 16:37:52 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 5220 		0
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame D394 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zbkl3wAEm3EIaCWKAA_WtWQnDy7U6gc7PYVlZg&u=%7CISTyji6OVmW9pzoQEg1k9AfPmw9Y9PQjQ%2Bmn21gPZ2g%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlXEk8QJpwBMaC1BcwIaX16mKCGYi6kWoJrNQqOZILwIv8FHLCimXkwSb2P-jEltw7wK3qPyr60UuTkoT7Rsu7S2ruKFNEW4g1Yb585LkRbVh21I58oc-XkvjMk1wisMlXhAkvrlXg6Z920PnEC06H4zFHbOXS8PNAyKkhexHDnnIUV0VttKMMB6E_sm8C2wSxO273Zqu391kayTG18ymSWVzcMlVSpA-HdpDfAA5S3e70j8B0mfCHLnCCMCuAlrVnpU45WuCm-qiQJe5nmXLqY-_ygPDghAZavcY6-CiVw8f0SaIOjV9d1FgaEzAr43eOaQx-xpvnb0HAgaVlcMB57ljAhe5XWR2OIH0xoDM4qxH-PToezHxX9ZCl34GqXjF0tXKpRkPMwuRzm8xB6EwnVA4yD4Krlh6N8i2w_72jgvZCDFgb_-jLjRUjTOnr25LYgbEwdVVe51pUlDMEO8-OuobbJKPtWRU148_IgyrRubvY4R0T2UY53JdZthv-R1cNaAi3iwM4XuI3VaIPbjqpUQoWufmdriymDCoAUxoXQjEH4G2_58diGA4YoWyuNpBQF9AWnwGxIE5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv4Og3yW5ZfG2EorLoPMPta2_sAmcge-wXKLKp6p0wI23ARABIABgyebQi8Sk_A-CARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0AhykRgDDeIdK1oIYNP3P9foR5zwI6ajP2hF-FXP0IkxyILb1wHqZhHZQB0XwX5YFfoHUutccoIe9WESUS0nf5LhdiCZVHckZyfdWv16ICFqYdPIn-bzxjnOJKtbkp8LEdiwrY7Yps-gF6cNN7bzqXiNJbBA-LUq1zl_TLV_NFlowIxQfuva2TC5yqJx1QXrhQCWy8IEVcDo79FzrGs1Z98GFyDYlAaNx3ogE555gucrFw-yAEV6elr1SMMSkWn1ICjgixu9zzgIH_6yEoZV5PNmypKfNqVjYYyE02ouVwxrtYAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJiAipHGhYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09aXAXgu1gmXEI87WXSarM_j-Zww%26client%3Dca-pub-7820916800218761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Jan 2025 16:37:52 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame D394 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zbkl3wAEm3EIaCWKAA_WtWQnDy7U6gc7PYVlZg&u=%7CISTyji6OVmW9pzoQEg1k9AfPmw9Y9PQjQ%2Bmn21gPZ2g%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlXEk8QJpwBMaC1BcwIaX16mKCGYi6kWoJrNQqOZILwIv8FHLCimXkwSb2P-jEltw7wK3qPyr60UuTkoT7Rsu7S2ruKFNEW4g1Yb585LkRbVh21I58oc-XkvjMk1wisMlXhAkvrlXg6Z920PnEC06H4zFHbOXS8PNAyKkhexHDnnIUV0VttKMMB6E_sm8C2wSxO273Zqu391kayTG18ymSWVzcMlVSpA-HdpDfAA5S3e70j8B0mfCHLnCCMCuAlrVnpU45WuCm-qiQJe5nmXLqY-_ygPDghAZavcY6-CiVw8f0SaIOjV9d1FgaEzAr43eOaQx-xpvnb0HAgaVlcMB57ljAhe5XWR2OIH0xoDM4qxH-PToezHxX9ZCl34GqXjF0tXKpRkPMwuRzm8xB6EwnVA4yD4Krlh6N8i2w_72jgvZCDFgb_-jLjRUjTOnr25LYgbEwdVVe51pUlDMEO8-OuobbJKPtWRU148_IgyrRubvY4R0T2UY53JdZthv-R1cNaAi3iwM4XuI3VaIPbjqpUQoWufmdriymDCoAUxoXQjEH4G2_58diGA4YoWyuNpBQF9AWnwGxIE5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv4Og3yW5ZfG2EorLoPMPta2_sAmcge-wXKLKp6p0wI23ARABIABgyebQi8Sk_A-CARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0AhykRgDDeIdK1oIYNP3P9foR5zwI6ajP2hF-FXP0IkxyILb1wHqZhHZQB0XwX5YFfoHUutccoIe9WESUS0nf5LhdiCZVHckZyfdWv16ICFqYdPIn-bzxjnOJKtbkp8LEdiwrY7Yps-gF6cNN7bzqXiNJbBA-LUq1zl_TLV_NFlowIxQfuva2TC5yqJx1QXrhQCWy8IEVcDo79FzrGs1Z98GFyDYlAaNx3ogE555gucrFw-yAEV6elr1SMMSkWn1ICjgixu9zzgIH_6yEoZV5PNmypKfNqVjYYyE02ouVwxrtYAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJiAipHGhYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09aXAXgu1gmXEI87WXSarM_j-Zww%26client%3Dca-pub-7820916800218761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Jan 2025 16:37:52 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame D394 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zbkl3wAEm3EIaCWKAA_WtWQnDy7U6gc7PYVlZg&u=%7CISTyji6OVmW9pzoQEg1k9AfPmw9Y9PQjQ%2Bmn21gPZ2g%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlXEk8QJpwBMaC1BcwIaX16mKCGYi6kWoJrNQqOZILwIv8FHLCimXkwSb2P-jEltw7wK3qPyr60UuTkoT7Rsu7S2ruKFNEW4g1Yb585LkRbVh21I58oc-XkvjMk1wisMlXhAkvrlXg6Z920PnEC06H4zFHbOXS8PNAyKkhexHDnnIUV0VttKMMB6E_sm8C2wSxO273Zqu391kayTG18ymSWVzcMlVSpA-HdpDfAA5S3e70j8B0mfCHLnCCMCuAlrVnpU45WuCm-qiQJe5nmXLqY-_ygPDghAZavcY6-CiVw8f0SaIOjV9d1FgaEzAr43eOaQx-xpvnb0HAgaVlcMB57ljAhe5XWR2OIH0xoDM4qxH-PToezHxX9ZCl34GqXjF0tXKpRkPMwuRzm8xB6EwnVA4yD4Krlh6N8i2w_72jgvZCDFgb_-jLjRUjTOnr25LYgbEwdVVe51pUlDMEO8-OuobbJKPtWRU148_IgyrRubvY4R0T2UY53JdZthv-R1cNaAi3iwM4XuI3VaIPbjqpUQoWufmdriymDCoAUxoXQjEH4G2_58diGA4YoWyuNpBQF9AWnwGxIE5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv4Og3yW5ZfG2EorLoPMPta2_sAmcge-wXKLKp6p0wI23ARABIABgyebQi8Sk_A-CARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0AhykRgDDeIdK1oIYNP3P9foR5zwI6ajP2hF-FXP0IkxyILb1wHqZhHZQB0XwX5YFfoHUutccoIe9WESUS0nf5LhdiCZVHckZyfdWv16ICFqYdPIn-bzxjnOJKtbkp8LEdiwrY7Yps-gF6cNN7bzqXiNJbBA-LUq1zl_TLV_NFlowIxQfuva2TC5yqJx1QXrhQCWy8IEVcDo79FzrGs1Z98GFyDYlAaNx3ogE555gucrFw-yAEV6elr1SMMSkWn1ICjgixu9zzgIH_6yEoZV5PNmypKfNqVjYYyE02ouVwxrtYAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJiAipHGhYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09aXAXgu1gmXEI87WXSarM_j-Zww%26client%3Dca-pub-7820916800218761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 24 Jan 2025 16:37:52 GMT
truncated
/ Frame CD62 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame CE06 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
back_button2.svg
static.criteo.net/flash/icon/ Frame D394 		0
0
lg.php
cat.va.us.criteo.com/delivery/ Frame D394 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=ormCJIAc6Uhv1mEB-BrN-muAVB-wzTHouVBbENY7jtPmql6_GNyFpGtThdpNM2CnPsCvlHPvavKfKHTgw6ZCJSVjwPixY7OjZ9mpxK1JHmM3z1755wjFVvXDT8mHM7ToBY1MswxudNHU6IRaum9XSb4l5x4RfJbFi43t1QiYAlIv2sQPlKDs6sEJKZrUIMXH7zLdhTFBA6MIogWzLpM_r4FE0qg72FnPVx-YSuGiTdjksFP7zNCnAbasgtewwHmQhdCSEdTH5SkH_vAdakWtnoSHPeG9QU06pYheRAfqmMFFtPWIUGYGfbfN53EiQx2qX0jhUkkr8d70kz-RlKr-y4DYFISgCUlelGgF4pwsVORhWdHzb4-VUaOuivvfYhmWrGvl70ceognJCVLzMh8-lYiiKLCGK5WhfyweoGXRObMXfWz4EIz2z2bTbgWxPHNvO62vHQ
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zbkl3wAEm3EIaCWKAA_WtWQnDy7U6gc7PYVlZg&u=%7CISTyji6OVmW9pzoQEg1k9AfPmw9Y9PQjQ%2Bmn21gPZ2g%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlXEk8QJpwBMaC1BcwIaX16mKCGYi6kWoJrNQqOZILwIv8FHLCimXkwSb2P-jEltw7wK3qPyr60UuTkoT7Rsu7S2ruKFNEW4g1Yb585LkRbVh21I58oc-XkvjMk1wisMlXhAkvrlXg6Z920PnEC06H4zFHbOXS8PNAyKkhexHDnnIUV0VttKMMB6E_sm8C2wSxO273Zqu391kayTG18ymSWVzcMlVSpA-HdpDfAA5S3e70j8B0mfCHLnCCMCuAlrVnpU45WuCm-qiQJe5nmXLqY-_ygPDghAZavcY6-CiVw8f0SaIOjV9d1FgaEzAr43eOaQx-xpvnb0HAgaVlcMB57ljAhe5XWR2OIH0xoDM4qxH-PToezHxX9ZCl34GqXjF0tXKpRkPMwuRzm8xB6EwnVA4yD4Krlh6N8i2w_72jgvZCDFgb_-jLjRUjTOnr25LYgbEwdVVe51pUlDMEO8-OuobbJKPtWRU148_IgyrRubvY4R0T2UY53JdZthv-R1cNaAi3iwM4XuI3VaIPbjqpUQoWufmdriymDCoAUxoXQjEH4G2_58diGA4YoWyuNpBQF9AWnwGxIE5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv4Og3yW5ZfG2EorLoPMPta2_sAmcge-wXKLKp6p0wI23ARABIABgyebQi8Sk_A-CARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0AhykRgDDeIdK1oIYNP3P9foR5zwI6ajP2hF-FXP0IkxyILb1wHqZhHZQB0XwX5YFfoHUutccoIe9WESUS0nf5LhdiCZVHckZyfdWv16ICFqYdPIn-bzxjnOJKtbkp8LEdiwrY7Yps-gF6cNN7bzqXiNJbBA-LUq1zl_TLV_NFlowIxQfuva2TC5yqJx1QXrhQCWy8IEVcDo79FzrGs1Z98GFyDYlAaNx3ogE555gucrFw-yAEV6elr1SMMSkWn1ICjgixu9zzgIH_6yEoZV5PNmypKfNqVjYYyE02ouVwxrtYAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJiAipHGhYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09aXAXgu1gmXEI87WXSarM_j-Zww%26client%3Dca-pub-7820916800218761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 16:37:51 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1846041
expires
Mon, 26 Jul 1997 05:00:00 GMT
36b8712469604c9e83829d7f0e393ccd_image_ad_300x250.gif
static.criteo.net/design/dt/108469/5256011/ Frame D394 		57 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/108469/5256011/36b8712469604c9e83829d7f0e393ccd_image_ad_300x250.gif
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zbkl3wAEm3EIaCWKAA_WtWQnDy7U6gc7PYVlZg&u=%7CISTyji6OVmW9pzoQEg1k9AfPmw9Y9PQjQ%2Bmn21gPZ2g%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlXEk8QJpwBMaC1BcwIaX16mKCGYi6kWoJrNQqOZILwIv8FHLCimXkwSb2P-jEltw7wK3qPyr60UuTkoT7Rsu7S2ruKFNEW4g1Yb585LkRbVh21I58oc-XkvjMk1wisMlXhAkvrlXg6Z920PnEC06H4zFHbOXS8PNAyKkhexHDnnIUV0VttKMMB6E_sm8C2wSxO273Zqu391kayTG18ymSWVzcMlVSpA-HdpDfAA5S3e70j8B0mfCHLnCCMCuAlrVnpU45WuCm-qiQJe5nmXLqY-_ygPDghAZavcY6-CiVw8f0SaIOjV9d1FgaEzAr43eOaQx-xpvnb0HAgaVlcMB57ljAhe5XWR2OIH0xoDM4qxH-PToezHxX9ZCl34GqXjF0tXKpRkPMwuRzm8xB6EwnVA4yD4Krlh6N8i2w_72jgvZCDFgb_-jLjRUjTOnr25LYgbEwdVVe51pUlDMEO8-OuobbJKPtWRU148_IgyrRubvY4R0T2UY53JdZthv-R1cNaAi3iwM4XuI3VaIPbjqpUQoWufmdriymDCoAUxoXQjEH4G2_58diGA4YoWyuNpBQF9AWnwGxIE5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv4Og3yW5ZfG2EorLoPMPta2_sAmcge-wXKLKp6p0wI23ARABIABgyebQi8Sk_A-CARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0AhykRgDDeIdK1oIYNP3P9foR5zwI6ajP2hF-FXP0IkxyILb1wHqZhHZQB0XwX5YFfoHUutccoIe9WESUS0nf5LhdiCZVHckZyfdWv16ICFqYdPIn-bzxjnOJKtbkp8LEdiwrY7Yps-gF6cNN7bzqXiNJbBA-LUq1zl_TLV_NFlowIxQfuva2TC5yqJx1QXrhQCWy8IEVcDo79FzrGs1Z98GFyDYlAaNx3ogE555gucrFw-yAEV6elr1SMMSkWn1ICjgixu9zzgIH_6yEoZV5PNmypKfNqVjYYyE02ouVwxrtYAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJiAipHGhYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09aXAXgu1gmXEI87WXSarM_j-Zww%26client%3Dca-pub-7820916800218761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 25 Jan 2024 18:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"65b2a437-e8a8"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
59560
expires
Fri, 24 Jan 2025 16:37:52 GMT
all
csm.us.criteo.net/ Frame D394 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=n6afAQbvjpKHqw5sdQAjqO4mH9DhGcdqaRBwIOoALSEan896tGyy6nRFuR6Xsy_l9Srwhly7yZje-8wTkesTl7-RRY63MexM0WvgDN-mnWU8yFAdVua1D_N_yLfgr5OXnTkoyBpva9W5fUzFWx8b2UjOftytri6aAgNMzcvzLhQcDazh7mxS8IXL1_5X-ddxcIBaBJQI-sP7p3LB8GJGCHW2tG2TJT4U9RsmyCZkpxNqVYYyfIL0QBlcTvnmJQ_6cQ-tjQ&sds=2&rev=90409&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zbkl3wAEm3EIaCWKAA_WtWQnDy7U6gc7PYVlZg&u=%7CISTyji6OVmW9pzoQEg1k9AfPmw9Y9PQjQ%2Bmn21gPZ2g%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlXEk8QJpwBMaC1BcwIaX16mKCGYi6kWoJrNQqOZILwIv8FHLCimXkwSb2P-jEltw7wK3qPyr60UuTkoT7Rsu7S2ruKFNEW4g1Yb585LkRbVh21I58oc-XkvjMk1wisMlXhAkvrlXg6Z920PnEC06H4zFHbOXS8PNAyKkhexHDnnIUV0VttKMMB6E_sm8C2wSxO273Zqu391kayTG18ymSWVzcMlVSpA-HdpDfAA5S3e70j8B0mfCHLnCCMCuAlrVnpU45WuCm-qiQJe5nmXLqY-_ygPDghAZavcY6-CiVw8f0SaIOjV9d1FgaEzAr43eOaQx-xpvnb0HAgaVlcMB57ljAhe5XWR2OIH0xoDM4qxH-PToezHxX9ZCl34GqXjF0tXKpRkPMwuRzm8xB6EwnVA4yD4Krlh6N8i2w_72jgvZCDFgb_-jLjRUjTOnr25LYgbEwdVVe51pUlDMEO8-OuobbJKPtWRU148_IgyrRubvY4R0T2UY53JdZthv-R1cNaAi3iwM4XuI3VaIPbjqpUQoWufmdriymDCoAUxoXQjEH4G2_58diGA4YoWyuNpBQF9AWnwGxIE5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv4Og3yW5ZfG2EorLoPMPta2_sAmcge-wXKLKp6p0wI23ARABIABgyebQi8Sk_A-CARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0AhykRgDDeIdK1oIYNP3P9foR5zwI6ajP2hF-FXP0IkxyILb1wHqZhHZQB0XwX5YFfoHUutccoIe9WESUS0nf5LhdiCZVHckZyfdWv16ICFqYdPIn-bzxjnOJKtbkp8LEdiwrY7Yps-gF6cNN7bzqXiNJbBA-LUq1zl_TLV_NFlowIxQfuva2TC5yqJx1QXrhQCWy8IEVcDo79FzrGs1Z98GFyDYlAaNx3ogE555gucrFw-yAEV6elr1SMMSkWn1ICjgixu9zzgIH_6yEoZV5PNmypKfNqVjYYyE02ouVwxrtYAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJiAipHGhYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09aXAXgu1gmXEI87WXSarM_j-Zww%26client%3Dca-pub-7820916800218761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 30 Jan 2024 16:37:51 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D394 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Zbkl3wAEm3EIaCWKAA_WtWQnDy7U6gc7PYVlZg&u=%7CISTyji6OVmW9pzoQEg1k9AfPmw9Y9PQjQ%2Bmn21gPZ2g%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlXEk8QJpwBMaC1BcwIaX16mKCGYi6kWoJrNQqOZILwIv8FHLCimXkwSb2P-jEltw7wK3qPyr60UuTkoT7Rsu7S2ruKFNEW4g1Yb585LkRbVh21I58oc-XkvjMk1wisMlXhAkvrlXg6Z920PnEC06H4zFHbOXS8PNAyKkhexHDnnIUV0VttKMMB6E_sm8C2wSxO273Zqu391kayTG18ymSWVzcMlVSpA-HdpDfAA5S3e70j8B0mfCHLnCCMCuAlrVnpU45WuCm-qiQJe5nmXLqY-_ygPDghAZavcY6-CiVw8f0SaIOjV9d1FgaEzAr43eOaQx-xpvnb0HAgaVlcMB57ljAhe5XWR2OIH0xoDM4qxH-PToezHxX9ZCl34GqXjF0tXKpRkPMwuRzm8xB6EwnVA4yD4Krlh6N8i2w_72jgvZCDFgb_-jLjRUjTOnr25LYgbEwdVVe51pUlDMEO8-OuobbJKPtWRU148_IgyrRubvY4R0T2UY53JdZthv-R1cNaAi3iwM4XuI3VaIPbjqpUQoWufmdriymDCoAUxoXQjEH4G2_58diGA4YoWyuNpBQF9AWnwGxIE5Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv4Og3yW5ZfG2EorLoPMPta2_sAmcge-wXKLKp6p0wI23ARABIABgyebQi8Sk_A-CARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0AhykRgDDeIdK1oIYNP3P9foR5zwI6ajP2hF-FXP0IkxyILb1wHqZhHZQB0XwX5YFfoHUutccoIe9WESUS0nf5LhdiCZVHckZyfdWv16ICFqYdPIn-bzxjnOJKtbkp8LEdiwrY7Yps-gF6cNN7bzqXiNJbBA-LUq1zl_TLV_NFlowIxQfuva2TC5yqJx1QXrhQCWy8IEVcDo79FzrGs1Z98GFyDYlAaNx3ogE555gucrFw-yAEV6elr1SMMSkWn1ICjgixu9zzgIH_6yEoZV5PNmypKfNqVjYYyE02ouVwxrtYAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJiAipHGhYQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_09aXAXgu1gmXEI87WXSarM_j-Zww%26client%3Dca-pub-7820916800218761%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Jan 2025 16:37:52 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame D394 		0
0
adview
googleads.g.doubleclick.net/pagead/ Frame 8E6B 		0
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZgte3yW5ZcezEuTJoPMPp6KPsAu835z0XK6C25dSwI23ARABIABgyebQi8Sk_A-CARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4QFP0AUVyzD88jXpEg66c5oDw8eCt6GbnkScnGULKOgS57jM4uCJgEQI5wUFIPqHo_9ZQ7LuvR5cGegNH1ABsYIwadAivrvpeT-kVDWBTVSTxSfFqQXYqbz6uUCozgV9uyl_NZvwWfRnp6TEgSA0hRTEscoIOFRLyV-oK9Hx_XLTSHwwK_i8YgeFLnV7dNyWunRNaNqfZXkom35cBkJZkFT5o-cgTfoeeODLBjK8gW1Tu2Bbi-sQXrpuBHK24UOFEG4Z3E0v1xPBy6exAItzbRI6wvMa5GJJeyXlpKBEyOdDA7aABpHx6tad-szFwQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY2f2JkcaFhAOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzgyMDkxNjgwMDIxODc2MRgA&sigh=PJlAsFJJBc4&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_-oYr8js7QX3l-EWGuFrMATo5kms-gh5aJRYtWuzA4FBgYXKvIeHKMkwizRAmUdrCLNL1Tz5u-I1mRqmfhJb34A5MGaojNOKRX4YYAQ&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 30 Jan 2024 16:37:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 30 Jan 2024 16:37:52 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame CD62 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CqEFC3yW5ZcevEr-1oPMPwYWnyA2835z0XK6C25dSwI23ARABIABgyebQi8Sk_A-CARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4QFP0HdE4kTzioOb8j8_byj1_aj6q2dVR8zGCeBBM3iKVtg_Grh8wmZA0nVVrRkyGx8-6V4-BX0it4Va225SaWt_Kvyr1G1zrG7TBX5ncFwkZSN8Tb6GBzVSb9luYesOiTYfxndOO8I2ky1Bv-gzP2sgZoDNy1s5_i2HNAibFScen29tN1s-YUreaX-VYwGXJaB2kljxXjQz6NOtvh00n34Aq57W-fqX8GBVs_YeD97pzlf5N486L-_NaRYx66m6kpDluzxos7R-rV2-t930Zo_b7SOXge3-_ianpcKXjIPNPeGABpHx6tad-szFwQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYp_-JkcaFhAOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzgyMDkxNjgwMDIxODc2MRgA&sigh=MJZ4izQKIcE&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_4FSKF8H-z8zwewu_y3zT4qjN8XGUMi7HPNrN6NTU6WeFoQtWvsA0p6N8ZwksM0ezaUhSsSQ3og8LHIt8wLvbXZ_81kZBi80RgAAYAQ&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 30 Jan 2024 16:37:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 30 Jan 2024 16:37:52 GMT
/
servedby.flashtalking.com/imp/8/227887;8013078;201;js;AdobeAdCloud;FPLHomeFPLES11258Surge160x600/ Frame 615F 		0
0
pixel
cm.g.doubleclick.net/ Frame 7EB8
Redirect Chain
  • https://rtd-tm.everesttech.net/upi/?sid=AclwKyoEoOYVu9le9U85&cs=1
  • https://rtd-tm.everesttech.net/ct/upi/?sid=AclwKyoEoOYVu9le9U85&cs=1&_test=Zbkl4AACeUwbaQBI
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WmJrbDRBQUNlVXdiYVFCSQ
0
0
renderstart
statsf-tm.everesttech.net/stats/1/ Frame 7EB8 		85 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/renderstart?mpKey=Xf6e2yqPYRavegdigOp6&PG=F&psId=HM0m9MWSkXJ9ZTd6IN2t&s=H4sIAAAAAAAAAAEQAe_-wrc31c4Pt2u-9V0BpayehI-QTAc5R-Yfxpv3B2Sg-WOHDFQUuawywvFIdIg9Ul3zbLWIAJ5Vpzjk6S_63btFISNVsYFLBa-TcjNPpIzXIhUTua4tho96nqN5eV_bsaztiasLngNHo0Jw75wVpeX6L3nqIjWb9U96nQ4E2Gxwlx0ray4Cr0Kbzpr5_jmdngZtsYgT_R5lS2uZs_T5zcrXJ-RHU3k3JCJasU3UVZSt3pDUsCP2cyQRPp6KuytRP3LmcY7M2remVqi7qpcHzWzHL2VznFUbiEr7kyN44sIlfYUtf8lY22IdPfCrtJfdSq7skiE4pTP28fOPWR6w6zf0zm0FwdWQeC8wj8-iMSiTYIzf_3rgEAEAAA&seller_id=pub-7820916800218761&did=&didtype=UNK&rt=HTML5&adKey=fcDGghfo7uMcu8mkXHxs&bi=B09sWklQ5N4zidZhenyRmuFMTlIH_ksaVnVz6mx_hxnMcjaJdWSBxu6fY0B1KsloPZmeP-WGpTv8-om-tOuYc1siI3awrHwnh4NQTwthOvYX4aY6o9uvfYdZXQitM4r7HmSHeVvfMEEm6PCY92CvbYhrM8ZnV-ICooege5-LADXstIYHY9SB_9R5tgrbnXLtvmWRL75trRElH4Qw3-UJxaisXMgp9LMDHl8gJ8iYw4p3-4&vinst=t&date=1706632671718&auth=dd32d229e588dc94973ad404be3b8424&cpKey=5i7MZypnViGDMiF1VW5w&price=&conn=ethernet&sessId=6OKPmL-NEe6DJMpN7FUD5A.1-1.MB&env=site&burl=about%3Ablank&rurl=https%3A%2F%2Fbuzzstormer.com&astv=20230731&apv=B20231031
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 30 Jan 2024 16:37:52 GMT
via
1.1 varnish
x-pt
P=571
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region
US-East
content-length
85
x-served-by
cache-mia-kmia1760056-MIA
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Tue, 30 Jan 2024 16:37:52 UTC
rendercomplete
statsf-tm.everesttech.net/stats/1/ Frame 7EB8 		85 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsf-tm.everesttech.net/stats/1/rendercomplete?mpKey=Xf6e2yqPYRavegdigOp6&PG=F&psId=HM0m9MWSkXJ9ZTd6IN2t&s=H4sIAAAAAAAAAAEQAe_-wrc31c4Pt2u-9V0BpayehI-QTAc5R-Yfxpv3B2Sg-WOHDFQUuawywvFIdIg9Ul3zbLWIAJ5Vpzjk6S_63btFISNVsYFLBa-TcjNPpIzXIhUTua4tho96nqN5eV_bsaztiasLngNHo0Jw75wVpeX6L3nqIjWb9U96nQ4E2Gxwlx0ray4Cr0Kbzpr5_jmdngZtsYgT_R5lS2uZs_T5zcrXJ-RHU3k3JCJasU3UVZSt3pDUsCP2cyQRPp6KuytRP3LmcY7M2remVqi7qpcHzWzHL2VznFUbiEr7kyN44sIlfYUtf8lY22IdPfCrtJfdSq7skiE4pTP28fOPWR6w6zf0zm0FwdWQeC8wj8-iMSiTYIzf_3rgEAEAAA&seller_id=pub-7820916800218761&did=&didtype=UNK&rt=HTML5&adKey=fcDGghfo7uMcu8mkXHxs&bi=B09sWklQ5N4zidZhenyRmuFMTlIH_ksaVnVz6mx_hxnMcjaJdWSBxu6fY0B1KsloPZmeP-WGpTv8-om-tOuYc1siI3awrHwnh4NQTwthOvYX4aY6o9uvfYdZXQitM4r7HmSHeVvfMEEm6PCY92CvbYhrM8ZnV-ICooege5-LADXstIYHY9SB_9R5tgrbnXLtvmWRL75trRElH4Qw3-UJxaisXMgp9LMDHl8gJ8iYw4p3-4&vinst=t&date=1706632671718&auth=dd32d229e588dc94973ad404be3b8424&cpKey=5i7MZypnViGDMiF1VW5w&price=&conn=ethernet&sessId=6OKPmL-NEe6DJMpN7FUD5A.1-1.MB&env=site&burl=about%3Ablank&rurl=https%3A%2F%2Fbuzzstormer.com&astv=20230731&apv=B20231031
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 30 Jan 2024 16:37:52 GMT
via
1.1 varnish
x-pt
P=263
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region
US-East
content-length
85
x-served-by
cache-mia-kmia1760056-MIA
pragma
no-cache
server
Jetty(9.4.35.v20201120)
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Tue, 30 Jan 2024 16:37:52 UTC
aac_viewability-ab8b7a.js
playtime.tubemogul.com/ud/prod/pullins/ Frame 7EB8 		0
0
pixel
cm.g.doubleclick.net/ Frame 8782
Redirect Chain
  • https://rtd-tm.everesttech.net/upi/?sid=AclwKyoEoOYVu9le9U85&cs=1
  • https://rtd-tm.everesttech.net/ct/upi/?sid=AclwKyoEoOYVu9le9U85&cs=1&_test=Zbkl4AAANI24pwBJ
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WmJrbDRBQUNlVXdiYVFCSQ
0
0
/
servedby.flashtalking.com/imp/8/227887;8013078;201;js;AdobeAdCloud;FPLHomeFPLES11258Surge160x600/ Frame 9276 		0
0
renderstart
statsf-tm.everesttech.net/stats/1/ Frame 8782 		0
0
rendercomplete
statsf-tm.everesttech.net/stats/1/ Frame 8782 		0
0
aac_viewability-ab8b7a.js
playtime.tubemogul.com/ud/prod/pullins/ Frame 8782 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame CD62 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame F12F 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame CE06 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 8E6B 		0
0
Primary Request /
happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/ 		19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
Requested by
Host: happy-dune-05109f110.4.azurestaticapps.net
URL: https://happy-dune-05109f110.4.azurestaticapps.net/?bcda=+1-888-682-5032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.22.31.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9a035dd2641fbc3e3b6ca69aba2aef90cf521c9ee53e9aaafdcb01b37acf5b93
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://happy-dune-05109f110.4.azurestaticapps.net/?bcda=+1-888-682-5032
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
public, must-revalidate, max-age=30
content-encoding
br
content-type
text/html
date
Tue, 30 Jan 2024 16:37:51 GMT
etag
"57050848"
last-modified
Tue, 30 Jan 2024 15:21:16 GMT
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
pstyle.css
happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/css/ 		32 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/css/pstyle.css
Requested by
Host: happy-dune-05109f110.4.azurestaticapps.net
URL: https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.22.31.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e17862e4b3afc86e60f904cde105bc0cc57a60096bcda198e821123ddc442bf5
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
content-encoding
br
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Tue, 30 Jan 2024 15:21:16 GMT
x-content-type-options
nosniff
etag
"57050848"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/css
cache-control
public, must-revalidate, max-age=30
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		189 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-126954833-1
Requested by
Host: happy-dune-05109f110.4.azurestaticapps.net
URL: https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8045116acd15e9b4d61d27ee15ca3e4a7506a7b983b15cc58fd6dacdc9b64491
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69550
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Jan 2024 16:37:52 GMT
msmm.png
happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/ 		168 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/msmm.png
Requested by
Host: happy-dune-05109f110.4.azurestaticapps.net
URL: https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.22.31.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
strict-transport-security
max-age=10886400; includeSubDomains; preload
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Tue, 30 Jan 2024 15:21:16 GMT
etag
"57050848"
x-dns-prefetch-control
off
content-type
image/png
cache-control
public, must-revalidate, max-age=30
content-length
168
x-xss-protection
1; mode=block
dm.png
happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/ 		332 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/dm.png
Requested by
Host: happy-dune-05109f110.4.azurestaticapps.net
URL: https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.22.31.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7df9f467d23ee1887edb2123cca10a1a9c4624cdcf7199c64e78a8430031f9f5
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
strict-transport-security
max-age=10886400; includeSubDomains; preload
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Tue, 30 Jan 2024 15:21:16 GMT
etag
"57050848"
x-dns-prefetch-control
off
content-type
image/png
cache-control
public, must-revalidate, max-age=30
content-length
332
x-xss-protection
1; mode=block
cs.png
happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/cs.png
Requested by
Host: happy-dune-05109f110.4.azurestaticapps.net
URL: https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.22.31.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b67a7c07a045d7cb0f2e216a557aec0d99405e17c36d1a6b1ff3e2733aa35348
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
strict-transport-security
max-age=10886400; includeSubDomains; preload
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Tue, 30 Jan 2024 15:21:16 GMT
etag
"57050848"
x-dns-prefetch-control
off
content-type
image/png
cache-control
public, must-revalidate, max-age=30
content-length
2681
x-xss-protection
1; mode=block
re.gif
happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/re.gif
Requested by
Host: happy-dune-05109f110.4.azurestaticapps.net
URL: https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.22.31.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
strict-transport-security
max-age=10886400; includeSubDomains; preload
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Tue, 30 Jan 2024 15:21:16 GMT
etag
"57050848"
x-dns-prefetch-control
off
content-type
image/gif
cache-control
public, must-revalidate, max-age=30
content-length
14751
x-xss-protection
1; mode=block
wall.png
happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/images/wall.png
Requested by
Host: happy-dune-05109f110.4.azurestaticapps.net
URL: https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.22.31.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
strict-transport-security
max-age=10886400; includeSubDomains; preload
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Tue, 30 Jan 2024 15:21:16 GMT
etag
"57050848"
x-dns-prefetch-control
off
content-type
image/png
cache-control
public, must-revalidate, max-age=30
content-length
1045
x-xss-protection
1; mode=block
pscript.js
happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/js/pscript.js
Requested by
Host: happy-dune-05109f110.4.azurestaticapps.net
URL: https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.22.31.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4ef01e4af70d28c3a12c54ed17c9ca0b8d1a5b39b42dde46ce7206000f947edf
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
content-encoding
br
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Tue, 30 Jan 2024 15:21:16 GMT
x-content-type-options
nosniff
etag
"57050848"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
cache-control
public, must-revalidate, max-age=30
x-xss-protection
1; mode=block
jquery-3.2.1.min.js
happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/js/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/js/jquery-3.2.1.min.js
Requested by
Host: happy-dune-05109f110.4.azurestaticapps.net
URL: https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.22.31.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ba7d154e5ef77906946f6ae267c919a96df47cf7abbb1f7f4fb36a434493ee65
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
content-encoding
br
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Tue, 30 Jan 2024 15:21:16 GMT
x-content-type-options
nosniff
etag
"57050848"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/javascript
cache-control
public, must-revalidate, max-age=30
x-xss-protection
1; mode=block
5f205bb74a5eb_v.css
happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/css/ 		215 B
222 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/css/5f205bb74a5eb_v.css
Requested by
Host: happy-dune-05109f110.4.azurestaticapps.net
URL: https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.22.31.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bde6a5369760d9427c6d72a624f3087740cfbe00cb421f381cff78733d0fe52e
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
content-encoding
br
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Tue, 30 Jan 2024 15:21:16 GMT
x-content-type-options
nosniff
etag
"57050848"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/css
cache-control
public, must-revalidate, max-age=30
x-xss-protection
1; mode=block
froala_style.min.css
happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/css/froala_style.min.css
Requested by
Host: happy-dune-05109f110.4.azurestaticapps.net
URL: https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.22.31.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1cfc73a6db9523c12b6b7f5d009bed19c8799eed001f607bd891a1fd838b7739
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
content-encoding
br
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Tue, 30 Jan 2024 15:21:16 GMT
x-content-type-options
nosniff
etag
"57050848"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/css
cache-control
public, must-revalidate, max-age=30
x-xss-protection
1; mode=block
5f205bb63ccd2_v.css
happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/css/ 		215 B
219 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/css/5f205bb63ccd2_v.css
Requested by
Host: happy-dune-05109f110.4.azurestaticapps.net
URL: https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.22.31.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b2e3bab239ceeccef12af09a16dad170ced312a26e918b8b6ee808e150dc598f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
content-encoding
br
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Tue, 30 Jan 2024 15:21:16 GMT
x-content-type-options
nosniff
etag
"57050848"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/css
cache-control
public, must-revalidate, max-age=30
x-xss-protection
1; mode=block
5f205bc497791_v.css
happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/css/ 		215 B
221 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/css/5f205bc497791_v.css
Requested by
Host: happy-dune-05109f110.4.azurestaticapps.net
URL: https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.22.31.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eeea3053ace1602a6f2582bcccb90fac1191ecce1c49a0370bef53299a7b44a6
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
content-encoding
br
referrer-policy
same-origin
strict-transport-security
max-age=10886400; includeSubDomains; preload
last-modified
Tue, 30 Jan 2024 15:21:16 GMT
x-content-type-options
nosniff
etag
"57050848"
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
text/css
cache-control
public, must-revalidate, max-age=30
x-xss-protection
1; mode=block
website2.png
happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/images/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/images/website2.png
Requested by
Host: happy-dune-05109f110.4.azurestaticapps.net
URL: https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.22.31.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
948b1331677d0f9991d50376bfba436033c5a9cc5919cf9f74c03424b6f3e342
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:51 GMT
strict-transport-security
max-age=10886400; includeSubDomains; preload
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Tue, 30 Jan 2024 15:21:16 GMT
etag
"57050848"
x-dns-prefetch-control
off
content-type
image/png
cache-control
public, must-revalidate, max-age=30
content-length
113635
x-xss-protection
1; mode=block
audio1.wav
happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/media/ 		263 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/media/audio1.wav
Requested by
Host: happy-dune-05109f110.4.azurestaticapps.net
URL: https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.22.31.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
strict-transport-security
max-age=10886400; includeSubDomains; preload
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Tue, 30 Jan 2024 15:21:16 GMT
etag
"57050848"
x-dns-prefetch-control
off
content-type
audio/wav
Content-Range
bytes 0-1278647/1278648
cache-control
public, must-revalidate, max-age=30
Content-Length
1278648
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		227 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1580F9LHCL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126954833-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2decb9fb7070a8603c786835ff28ec187262b4765277c709c2640dd18cef4fbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81725
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 30 Jan 2024 16:37:52 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126954833-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 30 Jan 2024 15:49:56 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2876
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 30 Jan 2024 17:49:56 GMT
collect
www.google-analytics.com/g/ 		0
189 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-1580F9LHCL&gtm=45je41o0v9118424630&_p=1706632672398&gcd=11l1l1l1l1&dma=0&cid=488265588.1706632673&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1706632672&sct=1&seg=0&dl=https%3A%2F%2Fhappy-dune-05109f110.4.azurestaticapps.net%2Fwerrx01USAHTML%2F%3Fbcda%3D%2B1-888-682-5032&dr=https%3A%2F%2Fhappy-dune-05109f110.4.azurestaticapps.net%2F%3Fbcda%3D%2B1-888-682-5032&dt=Security%20Require%20Action&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=581
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1580F9LHCL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 16:37:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://happy-dune-05109f110.4.azurestaticapps.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=525603063&t=pageview&_s=1&dl=https%3A%2F%2Fhappy-dune-05109f110.4.azurestaticapps.net%2Fwerrx01USAHTML%2F%3Fbcda%3D%2B1-888-682-5032&ul=en-us&de=UTF-8&dt=Security%20Require%20Action&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=787740049&gjid=683839282&cid=488265588.1706632673&tid=UA-126954833-1&_gid=2012971923.1706632673&_r=1&gtm=457e41o0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1654444956
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 16:37:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://happy-dune-05109f110.4.azurestaticapps.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
script.js
userstatics.com/get/ 		133 B
579 B 		Script
General
Check archive.org
Download Go to
Full URL
https://userstatics.com/get/script.js?referrer=https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/?bcda=+1-888-682-5032
Requested by
Host: happy-dune-05109f110.4.azurestaticapps.net
URL: https://happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML/js/jquery-3.2.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.53.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.1
Resource Hash
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:37:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.1
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rP3kdfySh5paInNypjPs9rAGycu8M7oioAZ0DI%2BdGatE5WmCxpUirwq2E2ffWaqJ7pZGvJQ6ArEkM%2F9VER6I%2FR0zQoueSryIJGTvY0gWo9b1JVKy0kTq6AT8Ba4oWjRm%2FdY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-ray
84db2462bdc94c31-MIA
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.criteo.net
URL
https://static.criteo.net/flash/icon/privacy.svg
Domain
static.criteo.net
URL
https://static.criteo.net/flash/icon/back_button2.svg
Domain
static.criteo.net
URL
https://static.criteo.net/flash/icon/privacy.svg
Domain
servedby.flashtalking.com
URL
https://servedby.flashtalking.com/imp/8/227887;8013078;201;js;AdobeAdCloud;FPLHomeFPLES11258Surge160x600/?ftx=&fty=&ftadz=&ftscw=&AdobeAMO=ef_id%3D%3A20240130113751%3Ad%26s_kwcid%3DAC!fcDGghfo7uMcu8mkXHxs!5i7MZypnViGDMiF1VW5w&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=about%3Ablank&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=6OKPmL-NEe6DJMpN7FUD5A.1-1.MB&cachebuster=291234.4678941685
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WmJrbDRBQUNlVXdiYVFCSQ
Domain
playtime.tubemogul.com
URL
https://playtime.tubemogul.com/ud/prod/pullins/aac_viewability-ab8b7a.js
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WmJrbDRBQUNlVXdiYVFCSQ
Domain
servedby.flashtalking.com
URL
https://servedby.flashtalking.com/imp/8/227887;8013078;201;js;AdobeAdCloud;FPLHomeFPLES11258Surge160x600/?ftx=&fty=&ftadz=&ftscw=&AdobeAMO=ef_id%3D%3A20240130113751%3Ad%26s_kwcid%3DAC!fcDGghfo7uMcu8mkXHxs!5i7MZypnViGDMiF1VW5w&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=about%3Ablank&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}&ft_partnerimpid=6OMsDr-NEe6ghYLxPwNrew.1-1.MB&cachebuster=796173.3203769996
Domain
statsf-tm.everesttech.net
URL
https://statsf-tm.everesttech.net/stats/1/renderstart?env=site&mpKey=Xf6e2yqPYRavegdigOp6&rt=HTML5&auth=dd32d229e588dc94973ad404be3b8424&price=&adKey=fcDGghfo7uMcu8mkXHxs&PG=F&sessId=6OMsDr-NEe6ghYLxPwNrew.1-1.MB&s=H4sIAAAAAAAAAAEQAe_-9kKcsR8cOQawThvsco2xfy6sPe_oGt8g1L1pyuBbUskiOUGv22cLsY30owTEoHXkTRHPADQrW28l5TxkEdVjWjB49dXU3BxaiG9sYwq_M-RLe6PH51Br_bLgDPu-z1Mm8Igds_fK-wtsW-EyLjdtUkHeF1Xm3G43cyXCRSOMXhjvTCl8lYAnSMAJLTxIkwn15VCnZe7rNDRuUC_GAt3evFXTzYZlCrMiGXLzVMEPXBi-QJ5yf15FkBo48iqumZVK_VpFpVZyQiWR0T4mVMgzsgkBpig-NO0Exvs2AHWIHyKIkIIXfRL7_6htIRtVmRqholfXF3xkwmLoOsvK5yIyUjSBjO58MANayKCJD42Ujx9ifGyCEAEAAA&didtype=UNK&date=1706632671718&psId=HM0m9MWSkXJ9ZTd6IN2t&did=&vinst=t&cpKey=5i7MZypnViGDMiF1VW5w&conn=ethernet&seller_id=pub-7820916800218761&bi=B09SqE86xuZGU3K7AYylJ1Sgon-pr_kmBSlNxlJ0WapB2baJdWSBxu6fY0B1KsloPZmeP-WGpTv8-om-tOuYc1siI3awrHwnh4NQTwthOvYX4aY6o9uvfYdZXQitM4r7HmSHeVvfMEEm6PCY92CvbYhrM8ZnV-ICooege5-LADXstIYHY9SB_9R5tgrbnXLtvmWRL75trRElH4Qw3-UJxaisXMgp9LMDHl8gJ8iYw4p3-4&burl=about%3Ablank&rurl=https%3A%2F%2Fbuzzstormer.com&astv=20230731&apv=B20231031
Domain
statsf-tm.everesttech.net
URL
https://statsf-tm.everesttech.net/stats/1/rendercomplete?env=site&mpKey=Xf6e2yqPYRavegdigOp6&rt=HTML5&auth=dd32d229e588dc94973ad404be3b8424&price=&adKey=fcDGghfo7uMcu8mkXHxs&PG=F&sessId=6OMsDr-NEe6ghYLxPwNrew.1-1.MB&s=H4sIAAAAAAAAAAEQAe_-9kKcsR8cOQawThvsco2xfy6sPe_oGt8g1L1pyuBbUskiOUGv22cLsY30owTEoHXkTRHPADQrW28l5TxkEdVjWjB49dXU3BxaiG9sYwq_M-RLe6PH51Br_bLgDPu-z1Mm8Igds_fK-wtsW-EyLjdtUkHeF1Xm3G43cyXCRSOMXhjvTCl8lYAnSMAJLTxIkwn15VCnZe7rNDRuUC_GAt3evFXTzYZlCrMiGXLzVMEPXBi-QJ5yf15FkBo48iqumZVK_VpFpVZyQiWR0T4mVMgzsgkBpig-NO0Exvs2AHWIHyKIkIIXfRL7_6htIRtVmRqholfXF3xkwmLoOsvK5yIyUjSBjO58MANayKCJD42Ujx9ifGyCEAEAAA&didtype=UNK&date=1706632671718&psId=HM0m9MWSkXJ9ZTd6IN2t&did=&vinst=t&cpKey=5i7MZypnViGDMiF1VW5w&conn=ethernet&seller_id=pub-7820916800218761&bi=B09SqE86xuZGU3K7AYylJ1Sgon-pr_kmBSlNxlJ0WapB2baJdWSBxu6fY0B1KsloPZmeP-WGpTv8-om-tOuYc1siI3awrHwnh4NQTwthOvYX4aY6o9uvfYdZXQitM4r7HmSHeVvfMEEm6PCY92CvbYhrM8ZnV-ICooege5-LADXstIYHY9SB_9R5tgrbnXLtvmWRL75trRElH4Qw3-UJxaisXMgp9LMDHl8gJ8iYw4p3-4&burl=about%3Ablank&rurl=https%3A%2F%2Fbuzzstormer.com&astv=20230731&apv=B20231031
Domain
playtime.tubemogul.com
URL
https://playtime.tubemogul.com/ud/prod/pullins/aac_viewability-ab8b7a.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7dOVwWBNTYXUm4oRM6kruYbKdtGmW_kAA4I2NEwFpmy1Oh4yD0q37qvebCZYaSHBWurKNCriTD3NSZcmLSwHm7yM3ekpEJWVbq54L0MZIkfZAdEPGElM&sig=Cg0ArKJSzCW1zO8mSjciEAE&id=lidartos&mcvt=163&p=0,0,600,160&mtos=163,163,163,163,163&tos=163,0,0,0,0&v=20240129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3209154675&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&co=170663267200&rst=1706632671139&rpt=928&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxOCzHvAil3tvvNHfnRvq-kLGn_278M26x6hwpCjqPhfp17zddGUdpG0pW9zFRk5wuoFM_Tc41j7v7sbcHopX5VwL5Eg-xEnd0wUa8hCkI6Bvq-2cmQG0&sig=Cg0ArKJSzB2m6gszUAzFEAE&id=lidartos&mcvt=0&p=0,0,250,300&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240129&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=3209154675&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&co=170663267100&rst=1706632671141&rpt=808&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=16
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKWPTm282NfbB9obXel_UorDq8qkzOltbSzj0duVyZAAGnEtbzz1PCUqvGTWqAXgQ3ESYK_S_MaCBIuXGwGMx1knlaoF6X6NEz6FDTxwSyxyqpwSVXMf0&sig=Cg0ArKJSzFbLgNyWoUe9EAE&id=lidartos&mcvt=0&p=0,0,250,300&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240129&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=3209154675&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&co=170663267200&rst=1706632671143&rpt=897&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=16
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujrWWcoRJMwZDZd25rEqMNq7xTzYxbVcvCV2Wj0F3nifJFEjHnsvCzlfQ_PYJZ_nCVBpzsjDKwLs_NB5VXZPFsjnQma96P2fEvwwxarQ7WODlDfIMJawU&sig=Cg0ArKJSzB3vhj7J7tg8EAE&id=lidartos&mcvt=231&p=0,0,600,160&mtos=231,231,231,231,231&tos=231,0,0,0,0&v=20240129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3209154675&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&co=170663267100&rst=1706632671656&rpt=351&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| getVariableFromURl string| bcda function| showBlueDescriptionPopupWithDelay function| showerrorTelecast function| closeFirstPopup function| changeBackground function| showDisclaimerPopup function| cancelFirstPopup function| okFirstPopup function| simulateF11Key function| showBlueDescriptionPopup function| showSecondPopup function| showSupportNotificationWithDelay function| hideSecondPopup function| showKeyCodePopup function| submitKeyCode function| closeSecondPopup function| getRandomSupportResponse function| handleSuggestion function| getSupportResponse object| modal object| btn object| span number| e number| isNS function| mischandler function| mousehandler function| $ function| jQuery function| myFunction function| addEvent object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData

9 Cookies

Domain/Path Name / Value
happy-dune-05109f110.4.azurestaticapps.net/werrx01USAHTML Name: PHPREFS
Value: full
.buzzstormer.com/ Name: __cf_bm
Value: vfS1JhKaVe4UWgDVmTzuzJHqa6VQ8gxSfA8gUUn3ZP0-1706632670-1-AZbgHwRuCsO5buWj0XVlFMtNMi2JnmfcK4LbuQAWbQui11ex+/xGjCy8EAiCxLJp5fKgQQH+wOqzWsbUe9GPjyQ=
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Zbkl4AACeUwbaQBI
.everesttech.net/ Name: ev_sync_enc
Value: MjAyNDAxMzA_Mzo6MzA
.doubleclick.net/ Name: IDE
Value: AHWqTUm0Spa2pd9-ESYN3mkVbLOn6cybbrhtqEHBPMyZrcqGNSndNDJSlQIj0kjbKPI
.4.azurestaticapps.net/ Name: _ga_1580F9LHCL
Value: GS1.1.1706632672.1.0.1706632672.0.0.0
.4.azurestaticapps.net/ Name: _ga
Value: GA1.3.488265588.1706632673
.4.azurestaticapps.net/ Name: _gid
Value: GA1.3.2012971923.1706632673
.4.azurestaticapps.net/ Name: _gat_gtag_UA_126954833_1
Value: 1

1 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.us.criteo.com
buzzstormer.com
cat.va.us.criteo.com
cm.g.doubleclick.net
csm.us.criteo.net
displayf-tm.everesttech.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
happy-dune-05109f110.4.azurestaticapps.net
pagead2.googlesyndication.com
plausible.io
playtime.tubemogul.com
rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net
servedby.flashtalking.com
static.criteo.net
statsf-tm.everesttech.net
tpc.googlesyndication.com
trkrcom.com
userstatics.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
cm.g.doubleclick.net
pagead2.googlesyndication.com
playtime.tubemogul.com
servedby.flashtalking.com
static.criteo.net
statsf-tm.everesttech.net
104.21.53.38
141.193.213.11
151.101.194.49
151.101.66.49
20.22.31.128
23.22.198.224
2606:4700:3037::6815:5870
2607:f8b0:4004:c06::66
2607:f8b0:4004:c07::61
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c08::9d
2607:f8b0:4004:c19::9a
2607:f8b0:4004:c1b::5e
2607:f8b0:4006:80e::2001
2620:100:a001::16
2620:100:a001::24
2620:100:a001::4
2a02:6ea0:c454::1
72.21.81.64
74.119.119.147
002d4e61d6efae0d93d62d4c12576e427302f32361e675aaffa3691ecd9ae17d
01a6d44f7420fa491c7af252f08b57de4ac1c9cdae68032fcec67c304719e604
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
0cb8cc3fee4275e182236ab19c3aae55274f43aa0ffde9c0510d8d59fcf8e5dc
118af57643cc8ecfaf7f820f7f756161011a073838541e3555da84aeb6357070
14376c90b1f807adf65110e16fccb21e57f814a8ba20ef658841aade579a3c45
1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115
1cfc73a6db9523c12b6b7f5d009bed19c8799eed001f607bd891a1fd838b7739
203846a817f7155e6db77ff4bdca3665e0adbe529c038a6dc74ec4c08546fa59
22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2decb9fb7070a8603c786835ff28ec187262b4765277c709c2640dd18cef4fbf
2f719d34d3d7420ad540758d502a29633213bceaa985ea2df545aa60dc7e8758
31e4b090f72d822ea70575a337f5c08c1d079223cd0e583803bf2447973b9719
377f1891bbb96018760255b8346fbbdf1d59f39a4741f6a35ebaf2909c54b45e
3845834c60090d92c7cb03b8c14504e12b40b5aec08255c9cbc2db5dc1e5a135
4acc7ff03019c152c16ddbbe3e5fc6e351fbbebbdc5824d7f898f33846caf066
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86
4ef01e4af70d28c3a12c54ed17c9ca0b8d1a5b39b42dde46ce7206000f947edf
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
61ab4037eaa4e4aef207e48b3483b04e172b6cd1e26a2681785950e534dc47be
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71e84f4b3a46857e0ee497d4890e8a90ba4889e3c72d3c39a1ea7f78c1f8065b
7df9f467d23ee1887edb2123cca10a1a9c4624cdcf7199c64e78a8430031f9f5
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
8045116acd15e9b4d61d27ee15ca3e4a7506a7b983b15cc58fd6dacdc9b64491
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
948b1331677d0f9991d50376bfba436033c5a9cc5919cf9f74c03424b6f3e342
98547c580a376d561d0ad0752b2ed18f2f10a88accfe19135420f10c8988f188
9a035dd2641fbc3e3b6ca69aba2aef90cf521c9ee53e9aaafdcb01b37acf5b93
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
b2e3bab239ceeccef12af09a16dad170ced312a26e918b8b6ee808e150dc598f
b67a7c07a045d7cb0f2e216a557aec0d99405e17c36d1a6b1ff3e2733aa35348
b92f322d2b2f93fb954c566c27845daa1608485d8f37bed817217f9cc278d2f0
ba7d154e5ef77906946f6ae267c919a96df47cf7abbb1f7f4fb36a434493ee65
bab9afc3ca39147f33ff6c831d05440d080b957f884a2e1df05fcbdb93382760
bde6a5369760d9427c6d72a624f3087740cfbe00cb421f381cff78733d0fe52e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e17862e4b3afc86e60f904cde105bc0cc57a60096bcda198e821123ddc442bf5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03
eeea3053ace1602a6f2582bcccb90fac1191ecce1c49a0370bef53299a7b44a6
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f7d8ba3f70422ccb7ae935a2eec8300a0d50eae89c28d6f8f8b607947e592725