lookbook.nu Open in urlscan Pro
104.21.72.164 Public Scan

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

sffe /

Resource Hash

9a623475b7c0a3790da852cb56b6eeb3be241bf93491f602d0995f9726a72865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28507
x-xss-protection: 0
server: sffe
etag: "1326 / 385 of 1000 / last-modified: 1662502538"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 07 Sep 2022 06:27:44 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 166 KB
43 KB 638ms
225ms Script
application/javascript 13.33.79.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-79-24.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8efa950be6d28aa1103053638a776ab8f2dcda011254bab316bc409018714e33

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 05:54:31 GMT
content-encoding: gzip
etag: W/"350e165fc9b88312c43a9ba90eba4e3d"
last-modified: Thu, 01 Sep 2022 20:50:54 GMT
server: AmazonS3
age: 1994
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b0b2bb3b21ed20feab951c611319321e.cloudfront.net (CloudFront), 1.1 e25f1b4aa5076f3a6a2551c87259c664.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: SIN52-C2, SIN2-P2
x-amz-cf-id: 3vHmMaznoAd4KjF2lYkG4JgO7KPw3BwdmK0-NVGOGKIynXsxN-h7xA==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 619ms
204ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

041f2750853864adf2b890f18998014ee7da30e829b524f2d1210a2a57502adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 9rrxHvi2/53cqPpgCVjFpQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: ID1Tk+COWYWewcfjs7uycV9eXh0GL7bCPwxLKXO62TBYf3noz7x8UtYj8VFJg57eF1Df8QNk7j7gH5D3tyR11g==
x-fb-trip-id: 2050670934
x-fb-content-md5: 431c7992a335d21ccd768cc57b75edfa
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 07 Sep 2022 06:27:44 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "80916bb68c9df32fc761df9b47e2abbf"
timing-allow-origin: *
expires: Wed, 07 Sep 2022 06:29:14 GMT

GET
H2 200 ProximaNova-Regular.woff
lbstatic.nu/assets/ 85 KB
86 KB 315ms
108ms Font
application/font-woff 104.26.0.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/ProximaNova-Regular.woff
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f73ec26d9716363ea8ea73560d10f91d63cf18e32103bcead35559ba1ac361

Request headers

Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Origin: https://lookbook.nu
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:27:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 May 2022 01:32:08 GMT
server: cloudflare
age: 6259
etag: W/"628c3598-155b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AYcCHEwn867CUw72NnT2n0wxrB%2B36amuvq0PDhxz7wpdbThbfxXQvHldwQ2z0lrR1BOyd7qWeWSEJpYUEEYeZOC1jKF4pHBlxl4w0Zjz4aZy9YGsXrOBJecuzIPS"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746d6158999aaac9-SYD

GET
H2 200 ProximaNova-Bold.woff
lbstatic.nu/assets/ 76 KB
76 KB 419ms
213ms Font
application/font-woff 104.26.0.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/ProximaNova-Bold.woff
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cfab6a75576c6827a6d5dd7f823e993678ee3161fed858ca4bb51ae8ce96677

Request headers

Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Origin: https://lookbook.nu
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:27:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 May 2022 01:32:08 GMT
server: cloudflare
age: 6259
etag: W/"628c3598-12e63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FwTh%2B9E9PzbvuF320XVobvpA22PBlFw3bKltw6f%2FbmRvxjinkdn88hUz5jy%2Bps0oZITfVtJOO8eNaO4T%2BMa%2FA4OnXbIXAP2tS39lfA7HAG%2FZupWK02Yvdx07J82"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746d6158999baac9-SYD

GET
H2 200 ProximaNova-Semibold.woff
lbstatic.nu/assets/ 80 KB
80 KB 414ms
210ms Font
application/font-woff 104.26.0.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/ProximaNova-Semibold.woff
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 299920669c7ec8c0add3c58f21eea89871a531545df0b8d70c46db2f44ff4cc4

Request headers

Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Origin: https://lookbook.nu
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:27:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 May 2022 01:32:08 GMT
server: cloudflare
age: 6259
etag: W/"628c3598-13e7b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yB%2FxK0fj5175idM11w7MUtLLWBSwtIJzL0zb31cnZg4WXMqu6UJC9R%2BY22PA%2BkCsZVf8FGWC3%2B3PkGezWKvJaRx8xV39pvqw8%2BT0glF9OGFOsZzF%2BH2XjsvMTnzl"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746d6158999eaac9-SYD

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 585ms
194ms Script
text/javascript 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1746
date: Wed, 07 Sep 2022 05:58:38 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 07 Sep 2022 07:58:38 GMT

GET
H2 200 new_sprite.png
lbstatic.nu/assets/ 26 KB
26 KB 472ms
472ms Image
image/png 104.26.0.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/new_sprite.png?cb=9
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fca1fb4990a3abf9e6bba05433ed88ac85bfc8471a273c9c306a7685ace89d26

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:27:44 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 24 May 2022 01:32:08 GMT
server: cloudflare
etag: "628c3598-6771"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNWqwGqRhiy1HDDiV19kfR60ijxPqi95ZbQPcPqp9E%2BLhKuepqMr5g31XkGiRG8B2yYx2Qj72NCmbn%2F%2ByDga8T6ITF0LUWyVwVHFiJp%2Fgrj8yGeVT4LHGdKXI80X"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 746d61578838a820-SYD
content-length: 26481

GET
H2 200 ProximaNova-Light.woff
lbstatic.nu/assets/ 91 KB
90 KB 661ms
491ms Font
application/font-woff 104.26.0.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/ProximaNova-Light.woff
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 202f5a44ef1b1fac13c36c93eee29c52cd61f6e4f3f3ccbc35ce23683cc605bd

Request headers

Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Origin: https://lookbook.nu
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:27:44 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 24 May 2022 01:32:08 GMT
server: cloudflare
etag: W/"628c3598-16c17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JaKU6d28ZjFDIxH0Xo%2B7g1nJB%2BuemGf%2BoSxdGAmDqX1DO8LlF1kM5su3WrtgHFugKlDa1XCC8%2FKuDE%2FwE4zI3DpGG1u25Hmp923AK7EqZq7XI1CkJXyI%2Bdthc5Xg"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 746d6158999faac9-SYD

GET
H2 200 fontawesome-webfont-6a928d6875c980852c3823caf78dfc43.woff2
lbstatic.nu/assets/ 55 KB
56 KB 381ms
211ms Font
application/octet-stream 104.26.0.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lbstatic.nu/assets/fontawesome-webfont-6a928d6875c980852c3823caf78dfc43.woff2?v=4.3.0
Requested by: Host: lbstatic.nu
URL: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://lbstatic.nu/assets/application-e4fe603c2b70ce160ad7d335edb27021.css
Origin: https://lookbook.nu
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:27:44 GMT
cf-cache-status: HIT
last-modified: Sun, 15 Jul 2018 18:53:39 GMT
server: cloudflare
age: 6259
etag: "5b4b9833-ddcc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xnlPkMfaWggbeyUVk4vPaNwYgyBFbmunLUFJP%2BM2DJRT3G3GPBPPBW8EufYSEBwmL3Tw747bRe5kafmFqoNoTZDhVXabgas99cm7LmIFyCLkHnhYkmXIV8Zg%2FMi%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 746d615899a0aac9-SYD
content-length: 56780

GET
H2 200 rules-p-15_abpQY22gxg.js Show response
rules.quantcount.com/ 209 B
692 B 604ms
200ms Script
application/javascript 13.33.33.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-15_abpQY22gxg.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-127.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f18603569ccd052775409baed22faf7d0577c3577e812822e1d31f580545fefa

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:15:31 GMT
via: 1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront)
age: 734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 209
last-modified: Mon, 22 Aug 2022 14:06:41 GMT
server: AmazonS3
etag: "a952b857d73c8d9ec8c074944566310f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: SIN2-P1
accept-ranges: bytes
x-amz-cf-id: cflrzlLjZuJSRfyWFRD7Lj-BrStkY1BZv7Xf6_NRpvLIgWl8nibXbw==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 622ms
205ms Script
application/javascript 13.224.250.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.250.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-43.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 06 Sep 2022 07:26:28 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 82877
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2db56a73a9d0486b15ff1dc828be02a6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: SIN52-C2
x-amz-cf-id: Veb2dfx0hmUkzpfy85KqEaAb0W6lgdtUXCh2Iddg4o4rBDmxsdeQHA==

GET
H2 200 bubble-e7fec504b573a5fe7aa9a6f1b12e7976.png
lbstatic.nu/assets/ 294 B
609 B 297ms
296ms Image
image/png 104.26.0.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbstatic.nu/assets/bubble-e7fec504b573a5fe7aa9a6f1b12e7976.png
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd66670e33f248ddc8f8accfb0173af1e10af2389bd59f04ff148ed3e7ff3025

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:27:44 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 24 May 2022 01:32:08 GMT
server: cloudflare
etag: "628c3598-126"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDeR3v3Dy1TDOh%2Fvb9Xx08aMfjlz8YHji8Jr2upFP%2FnXrz0aaVoya3mHjbC92LdyF%2BMjJazMikk%2BlK0rKv1J4y1KRMAcDw63hip6mpuWUN2AA%2BZd7iwDSmOXv2rM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1382400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 746d615acd23a820-SYD
content-length: 294

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 304 KB
86 KB 400ms
199ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b4a24789f67a2d97f62b7f63e5057c3d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

02d8c6522e1f4c4b2dfa5a4914d2505e4836b71188a48d2ce00496b7f5852017

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://lookbook.nu/
Origin: https://lookbook.nu
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: splFkA2f5P2q9PYkCexO4Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88145
x-fb-rlafr: 0
x-fb-debug: QvypAS9OI7DwxvJ6F2Ccyz7ZNjblN/25u/HbFAeqzbA5ynXlJd0RZdyDeWXGUlQi850eftsD/AzzR2Ze7iPOig==
x-fb-content-md5: da1ff60f483ee348259cc948d686f38a
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 07 Sep 2022 06:27:44 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "d90e8aeddf1d8eec1e0dbbab425155ea"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 07 Sep 2023 05:47:19 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 586ms
195ms XHR
text/plain 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-4019432-1&cid=2062811087.1662532065&jid=44249847&gjid=1690146554&_gid=1780885225.1662532065&_u=YGBAgAABAAAAAE~&z=41606089

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lookbook.nu/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 07 Sep 2022 06:27:45 GMT
content-type: text/plain
access-control-allow-origin: https://lookbook.nu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 196ms
195ms Image
image/gif 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=458557719&t=pageview&_s=1&dl=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&dp=%2Fuser%2F10841472&ul=en-us&de=UTF-8&dt=Henry%20Padilla%20%7C%20Lookbook&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=44249847&gjid=1690146554&cid=2062811087.1662532065&tid=UA-4019432-1&_gid=1780885225.1662532065&cg1=User%20Profiles&z=757565663

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 12:23:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65069
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022090101.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
129 KB 586ms
194ms Script
text/javascript 74.125.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 06:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131916
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 08:36:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 03 Sep 2023 06:02:33 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 110 B
725 B 587ms
197ms XHR
application/json 74.125.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=lookbook.nu

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

server-52-84-251-31.sin5.r.cloudfront.net

Software

cafe /

Resource Hash

fa154aae30700d792a088ec67e9e94878f0947772590d3dd49bb69dcdb1fc3d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 06:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89
x-xss-protection: 0
expires: Wed, 07 Sep 2022 06:27:45 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
306 B 203ms
202ms XHR
text/plain 13.33.79.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Flookbook.nu&pubid=32930239-e300-4e84-8205-3dc868716562
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-79-24.sin2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 04:30:27 GMT
via: 1.1 e25f1b4aa5076f3a6a2551c87259c664.cloudfront.net (CloudFront)
server: Server
age: 7037
x-cache: Hit from cloudfront
access-control-allow-origin: https://lookbook.nu
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: SIN2-P2
x-amz-cf-id: InltXomDRiaGC1D0K5MRaIUYu3t5Jm9TEYPREMvnn5yJe0-Y0OkL0w==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 130 B
509 B 343ms
342ms XHR
text/javascript 13.33.79.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&pid=GR606Im0P2Rpc&cb=0&ws=1600x1200&v=22.8.252032&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1509568888555-0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F1093101%2Fex_hp_728x90%22%7D%5D&pubid=32930239-e300-4e84-8205-3dc868716562&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-79-24.sin2.r.cloudfront.net
Software: Server /
Resource Hash: e2990425bf51decab18eb421a6f5132caf4371596b5ca22704f4bc603ed9b38b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:27:44 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: SIN2-P2
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://lookbook.nu
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 138
via: 1.1 e25f1b4aa5076f3a6a2551c87259c664.cloudfront.net (CloudFront)
x-amz-cf-id: 5-k4N91SCOrq0P0p8cYdkn5o009g_MBTptqNeEg7c72UMF69jN0chA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 608ms
204ms XHR
application/javascript 13.33.79.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-79-24.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 9772
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 24 Aug 2022 19:06:24 GMT
server: AmazonS3
date: Wed, 07 Sep 2022 03:44:54 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: SIN2-P2
x-amz-cf-id: OjU0NnybSoruPpJPRIiMBUUi556X0fxeFwAWmMcFLbut4AMFKgLzFg==

GET
H2 200 pixel
pxl.qccerttest.com/ 35 B
549 B 640ms
200ms Image
image/gif 52.84.251.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pxl.qccerttest.com/pixel?r=909220473;fpan=1;fpa=P0-890002001-1662532064993;pbc=;ns=0;ce=1;qjs=1;qv=087c24cc-20220902090643;ref=;cm=;gdpr=0;d=lookbook.nu;dst=0;et=1662532064993;tzo=0;url=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla;ogl=site_name.Lookbook%2Ctitle.Henry%20Padilla%2Ctype.lookbook-nu%3Auser%2Curl.http%3A%2F%2Flookbook%252Enu%2Fuser%2F10841472-Henry-Padilla%2Cimage.%2F%2Flbstatic%252Enu%2Fassets%2Fguy%252Egif%2Cdescription.po%C5%BCyczka%20na%20dow%C3%B3d%20bez%20dochod%C3%B3w%20od%2018%20lat

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.251.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 05:17:57 GMT
via: 1.1 33ccc45b55961a5a150d23d44de2958a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 14492
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
content-length: 35
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "55d25e9dc950d5db4d53a3b195c046c6"
vary: Accept-Encoding, Origin
content-type: image/gif
x-amz-cf-pop: SIN5-C1
accept-ranges: bytes
x-amz-cf-id: Ey1euVuz2tgNPmRLDayxgUtF3bKVW33KISDJWTAmEgBQ7cba3tSmHQ==

GET
H2 200 pixel;r=470923326;rf=0;a=p-15_abpQY22gxg;url=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla;uht=2;fpan=0;fpa=P0-890002001-1662532064993;pbc=;ns=0;ce=1;qjs=1;qv=087c24cc-20220902090643;cm...
pixel.quantserve.com/ 35 B
371 B 210ms
203ms Image
image/gif 103.229.10.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=470923326;rf=0;a=p-15_abpQY22gxg;url=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla;uht=2;fpan=0;fpa=P0-890002001-1662532064993;pbc=;ns=0;ce=1;qjs=1;qv=087c24cc-20220902090643;cm=;gdpr=0;ref=;d=lookbook.nu;dst=0;et=1662532064996;tzo=0;ogl=site_name.Lookbook%2Ctitle.Henry%20Padilla%2Ctype.lookbook-nu%3Auser%2Curl.http%3A%2F%2Flookbook%252Enu%2Fuser%2F10841472-Henry-Padilla%2Cimage.%2F%2Flbstatic%252Enu%2Fassets%2Fguy%252Egif%2Cdescription.po%C5%BCyczka%20na%20dow%C3%B3d%20bez%20dochod%C3%B3w%20od%2018%20lat;ses=1d67aae7-f5ef-460c-a73e-79c306ce97e4

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:45 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=8354559&cs_it=b3&cv=3.8.0.210223&ns__t=1662532065011&ns_c=UTF-8&c7=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&c8=Henry%20Padilla%20%7C%20Lo...
https://sb.scorecardresearch.com/b2?c1=2&c2=8354559&cs_it=b3&cv=3.8.0.210223&ns__t=1662532065011&ns_c=UTF-8&c7=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&c8=Henry%20Padilla%20%7C%20L...

0
191 B

358ms
358ms

Image
text/plain

13.224.250.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=8354559&cs_it=b3&cv=3.8.0.210223&ns__t=1662532065011&ns_c=UTF-8&c7=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&c8=Henry%20Padilla%20%7C%20Lookbook&c9=
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla
Protocol: H2
Server: 13.224.250.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-43.sin52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:27:45 GMT
via: 1.1 2db56a73a9d0486b15ff1dc828be02a6.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
x-amz-cf-id: -cewNMMAlNdDkkfSYVHFFmuGcPULOejjzFR-mM6I7TTmwAJv0k1zeg==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=8354559&cs_it=b3&cv=3.8.0.210223&ns__t=1662532065011&ns_c=UTF-8&c7=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&c8=Henry%20Padilla%20%7C%20Lookbook&c9=
date: Wed, 07 Sep 2022 06:27:45 GMT
via: 1.1 2db56a73a9d0486b15ff1dc828be02a6.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
content-length: 0
x-amz-cf-id: yBMhSd2HIVVRCzj5O3WvGVhnn9t3lA1erHzOShy4gGWcKN1YYpc2DQ==
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 67F7
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_pm-db5_rbd_ox-db5_n-amobee
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_pm-db5_rbd_ox-db5_n-amobee&dcc=t

282 B
1 KB

324ms
324ms

Document
text/html

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_pm-db5_rbd_ox-db5_n-amobee&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

4cefbebb3c3b2fee9baab860573ee613e29948056d382293e04c43fb7e05ca75

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://lookbook.nu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 282
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 07 Sep 2022 06:27:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: HWN0QWX8381WD9FC8HHH

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 07 Sep 2022 06:27:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_pm-db5_rbd_ox-db5_n-amobee&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: ZZ42P74H43MRJFTHFVV2

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 812ms
402ms Fetch
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=71607949800&input_token&origin=1&redirect_uri=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=b4a24789f67a2d97f62b7f63e5057c3d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 6gkBNpEJlvHCQOd5S27u+7eq5mJ4g8AVg6D2MLcaoLMeSD6sgGXkVQh/u3qla5Pmcsic/MyfQGY1DbGBSgrhFA==
fb-s: unknown
date: Wed, 07 Sep 2022 06:27:45 GMT
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lookbook.nu
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
792 B 593ms
200ms Script
application/javascript 74.125.200.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=lookbook.nu

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f157.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 06:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 591ms
198ms Script
application/javascript 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=lookbook.nu

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f157.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 06:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 80 KB
16 KB 851ms
550ms XHR
text/plain 74.125.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1693231021301030&correlator=1478717872791373&eid=31068457%2C31069332%2C31069333%2C31068825&output=ldjh&gdfp_req=1&vrg=2022090101&ptt=17&impl=fifs&iu_parts=1093101%2Cex_hp_300x250%2Cex_hp_btf_300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x600%7C300x250%2C300x250&ifi=1&adks=1276300409%2C1030487218&sfv=1-0-38&fsapi=false&eri=1&cust_params=d6%3D6%26d20%3D10%26brand%3D%26leadersize%3D728x90%26sideadsize%3D300x250&sc=1&cookie_enabled=1&abxe=1&dt=1662532065802&lmt=1662532065&dlt=1662532062144&idt=3623&adxs=990%2C990&adys=384%2C1091&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&frm=20&vis=1&psz=300x250%7C300x250&msz=300x250%7C300x-1&fws=0%2C0&ohw=0%2C0&ga_vid=2062811087.1662532065&ga_sid=1662532066&ga_hid=458557719&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48a6bd2b7269280b92111503a2c14ed90bcb87a18925cf6571cf63e06c4387d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:27:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15797
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lookbook.nu
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
14 KB 837ms
536ms XHR
text/plain 74.125.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1693231021301030&correlator=1916599842921373&eid=31068457%2C31069332%2C31069333%2C31068825&output=ldjh&gdfp_req=1&vrg=2022090101&ptt=17&impl=fifs&iu_parts=1093101%2Cex_hp_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=3&adks=3286650984&sfv=1-0-38&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=d6%3D6%26d20%3D10%26brand%3D%26leadersize%3D728x90%26sideadsize%3D300x250&sc=1&cookie_enabled=1&abxe=1&dt=1662532065808&lmt=1662532065&dlt=1662532062144&idt=3623&adxs=310&adys=384&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&frm=20&vis=1&psz=980x0&msz=980x0&fws=0&ohw=0&ga_vid=2062811087.1662532065&ga_sid=1662532066&ga_hid=458557719&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87abf5483991693cf17d1f429f7358a664dc9e4a9108e47b10c52eb6e847270d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:27:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lookbook.nu
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 754C 6 KB
4 KB 590ms
196ms Document
text/html 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 06:27:46 GMT
expires: Thu, 07 Sep 2023 06:27:46 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame F4B9 1 KB
2 KB 306ms
305ms Document
text/html 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_ox-db5_pm-db5_rbd_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_pm-db5_rbd_ox-db5_n-amobee&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

79f66a19177c7f74d08af8c6b061005910993f3c52b5b456034ea7bfba17baf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_pm-db5_rbd_ox-db5_n-amobee&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1224
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 07 Sep 2022 06:27:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid: R94ZQ7BSNRYNGCT490VB

GET
H2 200 container.html Show response
3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F1C9 6 KB
3 KB 497ms
194ms Document
text/html 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 06:27:46 GMT
expires: Thu, 07 Sep 2023 06:27:46 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 17A1 6 KB
3 KB 499ms
198ms Document
text/html 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 06:27:46 GMT
expires: Thu, 07 Sep 2023 06:27:46 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 31D6 6 KB
3 KB 504ms
202ms Document
text/html 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a23-195-152-23.deploy.static.akamaitechnologies.com

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lookbook.nu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 06:27:46 GMT
expires: Thu, 07 Sep 2023 06:27:46 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

cm Show response
u.openx.net/w/1.0/ Frame 6A32
Redirect Chain

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...

582 B
384 B

306ms
201ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_ox-db5_pm-db5_rbd_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e482031b66166e486d39993aac5b044e1f3cbb74ca56ada78bf642dac8e64b34

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 365
content-type: text/html
date: Wed, 07 Sep 2022 06:27:47 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 07 Sep 2022 06:27:47 GMT
location: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0BE9 15 KB
6 KB 954ms
316ms Document
text/html 184.87.200.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_ox-db5_pm-db5_rbd_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.87.200.209 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-200-209.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=32729
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 07 Sep 2022 06:27:47 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Wed, 07 Sep 2022 15:33:16 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 4D67 281 B
554 B 860ms
284ms Document
text/html 23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_ox-db5_pm-db5_rbd_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 07 Sep 2022 06:27:47 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame DCDE
Redirect Chain

https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23
https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=9109920147756824274

43 B
516 B

317ms
317ms

Document
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=9109920147756824274

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_ox-db5_pm-db5_rbd_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Sep 2022 06:27:47 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid: Q67J794JR7V0SQD9J20T

Redirect headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
date: Wed, 07 Sep 2022 06:27:47 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=9109920147756824274
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma: no-cache

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F1C9 0
0 203ms
202ms Fetch
text/html 74.125.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQJT44jkYY9S5DsH6ogOPp43YDKzX_fBktPaok-ILwI23ARABIABgpYCAgJABggEXY2EtcHViLTA3OTA4OTQxNDg0NTE3ODWgAZX1m98DyAEJ4AIAqAMBqgTvAU_QqOXvL8gdZNZbTZln6u6JpbvbuvmUiXEi0SW9AI9NB8Z7j_xctTiI_4RI6R0caAWa7Av-jpl9qZi038VxDhtRKWuNrvKzBsGXGSGJ8xqMWp64l7fmehtKrPQk_dESwL56h3s5nOkJ0u54vkxLMGbfFmEKoRPK7WMWFQkkX6beuE8gqjcxUOjQuXLlBO8s5QvgrdoETAxBkx-90ktZoKIhwBxlsKO-Du699yxMY2dbVXlXbuTxiSWWbimfchi7m2wW_mWBrNGCzSrGCWhDSXWRjxCzqaB_5BzF2y6_0-5V49-XKtOqH7smBPw9tMUQ4AQBgAaG1be3q_22pPgBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDgiIYRABMgOKggE6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTA3OTA4OTQxNDg0NTE3ODUYvZYL&sigh=m8EtYnJ688I&uach_m=[UACH]&cid=CAQSPwCsnQUxPmVp_f215X6hdVwLaBiPd2D5Dfr8N40oYIs9v_GBCm6AWUqzsij7gt4HE5CQivGyP5ighy_FXAIlchgB
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sc-in-f154.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 log
hblg.media.net/ Frame F1C9 35 B
0 782ms
259ms Fetch
image/gif 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=3.2144005E-4&viewability=80&device_id=4&cbdp=0.06&slotVisibility=1&dn=lookbook.nu&acid=7463c706128c45e8a78009d07da8ea25&ugd=4&size=728x90&pvid=313&csip=rtb-common-istio-65c8cf57d6-d9vdq.SG&ogbdp=0.06&prvReqId=48026159029255_1135240777_52982010413131&itype=ADX&requrl=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&scrid=1700080812610100728009000000500&mang=1&bidrestime=1662532066365&cid=8CU3SX34C&rme=nurl
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-252-26.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:47 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 07 Sep 2022 06:27:47 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame F1C9 35 B
0 756ms
245ms Fetch
image/gif 42.99.128.161
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0900&ss_d2=0&stid=&other_prv=313&jar_err=&current_day=3.0&adtyp=0&req_id=Yxg54gAEv7AK1RCDsg4W2Q&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&exp=&fdbk_id=&second_bidder=*&floor_bucket=0.00&gpid_format=&seat=BID_API&size=728x90&url_l1=user&f_seg=&url_l2=10841472-henry-padilla&prdp=0.0600&ogcbdp=0.0600&dfpbd=0.0600&server=1&ogerpm_wd_bkt=0-1&viewability=0.8000&dmm_r=0.0000&cut=0&dmm_l=0.0000&tcyerpm=&sc=AU-NSW&send_erpm=false&sd=0&hb_exp=&seg=&erpm_bucket=0.10&ugd_ver=&requrl=lookbook.nu%2Fuser%2F10841472-henry-padilla%2F&bidrestime=1662532066365&cc=AU&strg=no_strategy&ss=&current_hour=6&time_stamp=2022-09-07+06%3A27%3A46&rvshhon=&bdp=0.0600&ct=beaconsfield&akey=&mnckfl=0&bdp_bucket=0.05&algo=mrg-3.5&dc=apac_sg&splid=&dn=lookbook.nu&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=7463c706128c45e8a78009d07da8ea25&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.13.0&totalTimeBucket=3&visibility=1&totalTime=3467530&dmm_m1=2022-09-07+06%3A27%3A46.367138486&e_rpm=0.0000&dmm_m22=0.0900&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080812610100728009000000500&rawbid=0.0600&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-65c8cf57d6-d9vdq.SG&dfp_bucket=0.0&adblk=3286650984&itype=adx&pvid_seat=313_BID_API&cliIP=2918568192&advurl=topics.businessfocus.online%2F&crid=529820104&sat=1&br_id=265&cut_bkt=35&gpid=&iwb=1&second_bid=0.000000&sc_pvid=313&capd=0&other_bids=0.06
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 42.99.128.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-128-161.pacnet.net
Software: Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Sep 2022 06:27:47 GMT
Server: Jetty(9.4.35.v20201120)
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Wed, 07 Sep 2022 06:27:47 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame F1C9 162 KB
56 KB 1193ms
618ms Script
text/javascript 23.195.152.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CUABW64L

Requested by

Host: 3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com
URL: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

e7a940aeb6585194a749c1be30e57e2a6fa2ab779c43a7566bb58497b692f8d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
x-mnt-h: 21-0j52
content-encoding: gzip
server: Apache
etag: "76974eee3190a31cd17a9fc4b76ebed9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Wed, 07 Sep 2022 06:27:47 GMT
strict-transport-security: max-age=31536000
x-mnt-w: 8-31
expires: Wed, 07 Sep 2022 06:32:47 GMT

GET
H2 200 adperformance.js Show response
warp.media.net/rtb/resource/ Frame F1C9 61 KB
62 KB 811ms
266ms Script
application/javascript 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8

Requested by

Host: 3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com
URL: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx /

Resource Hash

3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
server: nginx
date: Wed, 07 Sep 2022 06:27:47 GMT
content-type: application/javascript;charset=ISO-8859-1
cache-control: max-age=21594
access-control-allow-credentials: true
content-length: 62892
expires: Wed, 07 Sep 2022 12:27:41 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame F1C9 3 KB
1 KB 874ms
479ms Script
text/javascript 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com
URL: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 06:13:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame F1C9 17 KB
7 KB 781ms
386ms Script
text/javascript 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com
URL: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7602
x-xss-protection: 0
server: cafe
etag: 8484125879011292595
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 06:07:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F1C9 0
0 638ms
244ms Image
text/html 142.251.10.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1Kv1e1MTxIi6KQr36wgIWL_VRDD_c8SreEmCK2N1Sws864WMei5XCmJn8n4nbhAmQwJdLU_ekVApEO5iT0v2EtSXlvw
Requested by: Host: 3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com
URL: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f99.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F1C9 22 KB
7 KB 643ms
250ms Script
text/javascript 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com
URL: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 05:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175728
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 05 Sep 2023 05:38:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F1C9 142 KB
44 KB 498ms
196ms Script
text/javascript 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com
URL: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a23-195-152-23.deploy.static.akamaitechnologies.com

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 06:27:47 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6F82 0
0 203ms
202ms Fetch
text/html 74.125.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDLNJ4jkYY43ZDpKT1AahxJ2AD6zX_fBktPaok-ILwI23ARABIABgpYCAgJABggEXY2EtcHViLTA3OTA4OTQxNDg0NTE3ODWgAZX1m98DyAEJ4AIAqAMBqgT0AU_Q7CuFzH0dLHQ4bbQIN1E_6HoVnfX68DsUtbtCPV5ikPTYt9sjU9KLxn3y9JNhKHTgwSKchr2uvT0XF_fA-EJBRd7D72cJaVCKedNx-MSgHRmEv0zyv9XsAhJ24Dymrd9JfRN2fjLWUFa_oQKhDsd_dk7pJYxBy2mqMFmNUYiEezdKe7oS3rBE46TTZ3Qp_HwdInHpSts2UNEvItIb1eqoM41qvTRDbil2iGaBkHCi8q-2uE_KZ_sSwWWYaqK3LibgTiqEhuwJep4oNWB79g5Y5mD7GwWllI660_qTvAJQVY5tMTAaO3tR_pNIM3KgwDP8F9bgBAGABsPF35vKrc2Y6QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMDc5MDg5NDE0ODQ1MTc4NRi9lgs&sigh=xlk-RBxcqKU&uach_m=[UACH]&cid=CAQSPwCsnQUxToUCZ6SZRuAM7ddQqU9y23g-cCX850QdFlHVNKv7f4rCIiWmw6nGXXBqh6F39Bc7lyKkcu2jlWckTBgB
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sc-in-f154.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 log
hblg.media.net/ Frame 6F82 35 B
0 765ms
263ms Fetch
image/gif 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=5.6198717E-4&viewability=73&device_id=4&cbdp=0.08&slotVisibility=1&dn=lookbook.nu&acid=656008c54c25439b9be6d8b0d4782b4d&ugd=4&size=250x250&pvid=4&csip=rtb-common-istio-65c8cf57d6-d9vdq.SG&ogbdp=0.08&prvReqId=26399286593456_383303770_52982010441&itype=ADX&requrl=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&scrid=1700080812610100250025000000500&mang=1&bidrestime=1662532066361&cid=8CU3SX34C&rme=nurl
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-252-26.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:47 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 07 Sep 2022 06:27:47 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 6F82 35 B
0 796ms
271ms Fetch
image/gif 42.99.128.161
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.1300&ss_d2=0&stid=&other_prv=4&jar_err=&current_day=3.0&adtyp=0&req_id=Yxg54gAEyiMKaDtBwgwa8Q&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&exp=&fdbk_id=&second_bidder=*&floor_bucket=0.00&gpid_format=&seat=BID_API&size=250x250&url_l1=user&f_seg=&url_l2=10841472-henry-padilla&prdp=0.0800&ogcbdp=0.0800&dfpbd=0.0800&server=1&ogerpm_wd_bkt=0-1&viewability=0.7300&dmm_r=0.0000&cut=0&dmm_l=0.0000&tcyerpm=&sc=AU-NSW&send_erpm=false&sd=0&hb_exp=&seg=&erpm_bucket=0.15&ugd_ver=&requrl=lookbook.nu%2Fuser%2F10841472-henry-padilla%2F&bidrestime=1662532066361&cc=AU&strg=no_strategy&ss=&current_hour=6&time_stamp=2022-09-07+06%3A27%3A46&rvshhon=&bdp=0.0800&ct=beaconsfield&akey=&mnckfl=0&bdp_bucket=0.10&algo=mrg-4.0&dc=apac_sg&splid=&dn=lookbook.nu&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=656008c54c25439b9be6d8b0d4782b4d&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.13.0&totalTimeBucket=2&visibility=1&totalTime=2977999&dmm_m1=2022-09-07+06%3A27%3A46.363982460&e_rpm=0.0000&dmm_m22=0.1300&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&rawbid=0.0800&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-65c8cf57d6-d9vdq.SG&dfp_bucket=0.0&adblk=1276300409&itype=adx&pvid_seat=4_BID_API&cliIP=2918568192&advurl=topics.businessfocus.online%2F&crid=529820104&sat=1&br_id=265&cut_bkt=40&gpid=&iwb=1&second_bid=0.000000&sc_pvid=4&capd=0&other_bids=0.08
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 42.99.128.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-128-161.pacnet.net
Software: Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Sep 2022 06:27:47 GMT
Server: Jetty(9.4.35.v20201120)
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Wed, 07 Sep 2022 06:27:47 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 6F82 162 KB
56 KB 883ms
328ms Script
text/javascript 23.195.152.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CUABW64L

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

2276b54abf1b8cda534b738f23f8c1b1f855f9615e5aa1162eae3a91f5a88789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
x-mnt-h: 21-0j52
content-encoding: gzip
server: Apache
etag: "76974eee3190a31cd17a9fc4b76ebed9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Wed, 07 Sep 2022 06:27:47 GMT
strict-transport-security: max-age=31536000
x-mnt-w: 8-31
expires: Wed, 07 Sep 2022 06:32:47 GMT

GET
H2 200 adperformance.js Show response
warp.media.net/rtb/resource/ Frame 6F82 61 KB
62 KB 1208ms
684ms Script
application/javascript 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx /

Resource Hash

3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
server: nginx
date: Wed, 07 Sep 2022 06:27:47 GMT
content-type: application/javascript;charset=ISO-8859-1
cache-control: max-age=21594
access-control-allow-credentials: true
content-length: 62892
expires: Wed, 07 Sep 2022 12:27:41 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 6F82 3 KB
1 KB 852ms
479ms Script
text/javascript 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/window_focus_fy2021.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 06:13:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 6F82 17 KB
7 KB 594ms
220ms Script
text/javascript 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7602
x-xss-protection: 0
server: cafe
etag: 8484125879011292595
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 06:07:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6F82 0
0 618ms
245ms Image
text/html 142.251.10.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7_5Zs9r_9qi3mHzUwozlenaxhY5hFNI1sxePDPeN0fqPOJqliZ7a-tJmZdSxpr1BcZpCpMzoug6Wws5_WEnS5BI1ZWQ
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f99.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6F82 22 KB
7 KB 793ms
420ms Script
text/javascript 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 05:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175728
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 05 Sep 2023 05:38:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F82 142 KB
44 KB 588ms
287ms Script
text/javascript 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a23-195-152-23.deploy.static.akamaitechnologies.com

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 06:27:47 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1588 0
0 203ms
203ms Fetch
text/html 74.125.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBzFf4jkYY47ZDpKT1AahxJ2AD6zX_fBktPaok-ILwI23ARABIABgpYCAgJABggEXY2EtcHViLTA3OTA4OTQxNDg0NTE3ODWgAZX1m98DyAEJ4AIAqAMBqgT-AU_QgoSuf_TBiiv-7HvkiNoxl3Zt_KY99moSaCRkH1PLNUtr7BgOLHlmk0-S05mpHGvjq_bScPP8PYWv8zEPaJT1zLS1jzXTcqyW7Ca9cAhBt-yLpK03Dysc9x_xsa6QFmEJvN5YxJAK_i0x3sUWhW6oY757nj9Xl-9Y22AGf33SlcQOVWQjzDSjXGg1n-cBBRlXhsyLSAI04RP2E1zdcXwJX-BP-NIhXPn4eRIf3YHLm4-S67OI2HoLmC-kpKG1c8fKzAYX1VtklPJqcPwe6ZhY_Epc-LHcYOAwgnkS2doDp6Q26p2TH1mkGFU9oQxbgyrPvRMo4528X8ujRZEJ4AQBgAbDxd-byq3NmOkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDgiIYRABMgOKggE6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTA3OTA4OTQxNDg0NTE3ODUYvZYL&sigh=x8b40qw0_C8&uach_m=[UACH]&cid=CAQSPwCsnQUxToUCZ6SZRuAM7ddQqU9y23g-cCX850QdFlHVNKv7f4rCIiWmw6nGXXBqh6F39Bc7lyKkcu2jlWckTBgB
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sc-in-f154.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 log
hblg.media.net/ Frame 1588 35 B
0 742ms
260ms Fetch
image/gif 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=1.4312295E-4&viewability=11&device_id=4&cbdp=0.02&slotVisibility=2&dn=lookbook.nu&acid=ca133d5c623146c19e840f1116877f8e&ugd=4&size=250x250&pvid=313&csip=rtb-common-istio-65c8cf57d6-6fbhz.SG&ogbdp=0.02&prvReqId=27076337405819_854159095_52982010413131&itype=ADX&requrl=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&scrid=1700080812610100250025000000500&mang=1&bidrestime=1662532066361&cid=8CU3SX34C&rme=nurl
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-252-26.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:47 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 07 Sep 2022 06:27:47 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame 1588 35 B
0 772ms
257ms Fetch
image/gif 42.99.128.161
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0200&ss_d2=0&stid=&other_prv=313&jar_err=&current_day=3.0&adtyp=0&req_id=Yxg54gAE1HUK1QDItwHa1Q&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&exp=&fdbk_id=&second_bidder=*&floor_bucket=0.00&gpid_format=&seat=BID_API&size=250x250&url_l1=user&f_seg=&url_l2=10841472-henry-padilla&prdp=0.0200&ogcbdp=0.0200&dfpbd=0.0200&server=1&ogerpm_wd_bkt=0-1&viewability=0.1100&dmm_r=0.0000&cut=0&dmm_l=0.0000&tcyerpm=&sc=AU-NSW&send_erpm=false&sd=0&hb_exp=&seg=&erpm_bucket=0.00&ugd_ver=&requrl=lookbook.nu%2Fuser%2F10841472-henry-padilla%2F&bidrestime=1662532066361&cc=AU&strg=no_strategy&ss=&current_hour=6&time_stamp=2022-09-07+06%3A27%3A46&rvshhon=&bdp=0.0200&ct=beaconsfield&akey=&mnckfl=0&bdp_bucket=0.00&algo=no_strategy&dc=apac_sg&splid=&dn=lookbook.nu&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=ca133d5c623146c19e840f1116877f8e&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.13.0&totalTimeBucket=2&visibility=2&totalTime=2166200&dmm_m1=2022-09-07+06%3A27%3A46.363262012&e_rpm=0.0000&dmm_m22=0.0200&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&rawbid=0.0200&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-65c8cf57d6-6fbhz.SG&dfp_bucket=0.0&adblk=1030487218&itype=adx&pvid_seat=313_BID_API&cliIP=2918568192&advurl=topics.businessfocus.online%2F&crid=529820104&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=313&capd=0&other_bids=0.02
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 42.99.128.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-128-161.pacnet.net
Software: Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Sep 2022 06:27:47 GMT
Server: Jetty(9.4.35.v20201120)
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Wed, 07 Sep 2022 06:27:47 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 1588 162 KB
56 KB 1146ms
612ms Script
text/javascript 23.195.152.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CUABW64L

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

49012128aa89ff09f652a8e5dfe298442b30a85489a8d56750d2c919d629cdc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
x-mnt-h: 21-0j52
content-encoding: gzip
server: Apache
etag: "76974eee3190a31cd17a9fc4b76ebed9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Wed, 07 Sep 2022 06:27:47 GMT
strict-transport-security: max-age=31536000
x-mnt-w: 8-31
expires: Wed, 07 Sep 2022 06:32:47 GMT

GET
H2 200 adperformance.js Show response
warp.media.net/rtb/resource/ Frame 1588 61 KB
62 KB 1074ms
570ms Script
application/javascript 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx /

Resource Hash

3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
server: nginx
date: Wed, 07 Sep 2022 06:27:47 GMT
content-type: application/javascript;charset=ISO-8859-1
cache-control: max-age=21594
access-control-allow-credentials: true
content-length: 62892
expires: Wed, 07 Sep 2022 12:27:41 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 1588 3 KB
1 KB 822ms
469ms Script
text/javascript 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/window_focus_fy2021.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 06:13:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 1588 17 KB
8 KB 549ms
196ms Script
text/javascript 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7602
x-xss-protection: 0
server: cafe
etag: 8484125879011292595
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 06:07:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1588 0
0 593ms
240ms Image
text/html 142.251.10.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSVfMPwN0nLS3wyqEu4EVKSHPZtI-IOCii7JoNDc3gokvZc54LcST9WATdpzuqGYCn1131CW0h8dnw4013L57lw9JtxSQ
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f99.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1588 22 KB
7 KB 792ms
440ms Script
text/javascript 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 05:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175728
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 05 Sep 2023 05:38:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1588 142 KB
44 KB 732ms
431ms Script
text/javascript 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a23-195-152-23.deploy.static.akamaitechnologies.com

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 06:27:47 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 6A32 43 B
516 B 306ms
306ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=77923988-0f4a-82ae-8f47-6d911d8bcf66

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Sep 2022 06:27:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 8Y1BV67VMASWZSRSH6QM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 6A32
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=2f4445f5-13e0-3954-4f49-ef0675b80486&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=2f4445f5-13e0-3954-4f49-ef0675b80486&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=7f80e7fb-0af2-4685-ab63-5ab7942745de&ttd_puid=2f4445f5-13e0-3954-4f49-ef0675b80486&gdpr=0&gdpr_consent=

43 B
62 B

225ms
225ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=7f80e7fb-0af2-4685-ab63-5ab7942745de&ttd_puid=2f4445f5-13e0-3954-4f49-ef0675b80486&gdpr=0&gdpr_consent=
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:48 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:47 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=7f80e7fb-0af2-4685-ab63-5ab7942745de&ttd_puid=2f4445f5-13e0-3954-4f49-ef0675b80486&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 335

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 6A32
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Yxg55MCo5ukAAEosOacAAAAA

43 B
106 B

199ms
197ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Yxg55MCo5ukAAEosOacAAAAA
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:48 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 41
Date: Wed, 07 Sep 2022 06:27:48 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":41,"gdpr":false,"ipv4":"173.245.209.136","key":"Yxg55MCo5ukAAEosOacAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad233"}
X-SO-Ads-Time: 1
X-SO-Key: Yxg55MCo5ukAAEosOacAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad233
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Yxg55MCo5ukAAEosOacAAAAA
Cache-Control: private
X-SO-HostName: m-ad233.dc4p.scaleout.jp
Connection: keep-alive
Content-Length: 0
X-SO-LB-Hostname: a-tgng40018.dc2p.scaleout.jp
X-SO-IP: 173.245.209.136

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame 6A32
Redirect Chain

https://cr-p3.ladsp.jp/cookiesender/3
https://cr-pall.ladsp.com/cookiesender/3
https://cr-pall.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQcz67b1lDMPks8ADsWuFLWQSs8AAAGDFqInMw

43 B
61 B

199ms
198ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQcz67b1lDMPks8ADsWuFLWQSs8AAAGDFqInMw
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:49 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:49 GMT
via: 1.1 ccd5ce8e69d2dc421327946b6ecb3cbc.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: SIN52-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQcz67b1lDMPks8ADsWuFLWQSs8AAAGDFqInMw
cache-control: no-cache
content-length: 0
x-amz-cf-id: E2SDFuk5OlEzfVCtbr4T9gsoRj6kuKcijNUTpWX3t8YZ5w4W1yGV8g==
expires: -1

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 6A32 170 B
296 B 200ms
199ms Image
image/png 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDMyYjk2M2YtZGE5Ny02N2YwLTVhYTktYjViZmJmNWFjYWU2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6A32
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA1xSEEt5VtS93r_WvE7Dlo&google_cver=1

43 B
180 B

199ms
196ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA1xSEEt5VtS93r_WvE7Dlo&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:47 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA1xSEEt5VtS93r_WvE7Dlo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4D67 31 KB
10 KB 285ms
285ms Script
text/html 23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 8a8759ea2c2da380bbc3dba74c7d8719e2371bab649692a0b8639cecadde1943

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 06:27:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12791
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9377
Expires: Wed, 07 Sep 2022 10:00:58 GMT

GET
H2 200 UCookieSetPug Show response
image6.pubmatic.com/AdServer/ Frame 0BE9 60 B
268 B 893ms
297ms Script
text/html 103.231.98.196
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: a3ae5be06b6a1ec6d16c1806b80ac89d34406834b5d48493dd8999ddfbddab27

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:27:48 GMT
cache-control: private
expires: Mon, 5 Dec 2022 21:38:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 60
content-type: text/html; charset=UTF-8

GET
H2 200 smtr Show response
contextual.media.net/ Frame F1C9 86 KB
32 KB 694ms
694ms Script
text/javascript 23.195.152.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=721135687&size=728x90&cc=AU&chnm=NO_STRATEGY&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&nse=5&vi=1662532067219368715&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&bae=B44gz/g444&bcpf=B44gz%2Fg448fOnRrolnfOur84&bdrId=313&ntv=0&matchstring=hr%3D0%7C&kttle=SafeFrame%20Container&katpre=1&katbid=-103&pgid=p164797620t202209070627&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=NSW

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

942adb9af1cf535bb4f42cbd8d221978cc4187827845867f662c294474972c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:49 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript
expires: Wed, 07 Sep 2022 06:27:49 GMT
cache-control: max-age=0, no-cache, no-store
x-sc-h: 21-b686
strict-transport-security: max-age=31536000
timing-allow-origin: *
content-length: 32813
x-sc-w: 21-s3sc

GET
H2 200 bping.php
lg3.media.net/ Frame F1C9 15 B
15 B 260ms
259ms Image
text/html 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=550&&vgd_cdv=790&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=721135687&vi=1662532067219368715&ugd=4&lf=6&cc=AU&sc=NSW&lper=100&wsip=2886993991&r=1662532068741&requrl=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1662532067150327251&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p164797620t202209070627&vgd_pgids=1&vgd_uspa=0&hvsid=00001662532068738029185683281226&gdpr=0&vgd_end=1

Requested by

Host: 3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com
URL: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-152-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=21600
server: Apache
date: Wed, 07 Sep 2022 06:27:48 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=49155
content-length: 15

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 3207 26 KB
10 KB 318ms
317ms Document
text/html 23.195.152.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Host: 3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com
URL: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

9bd4f8adb967013c9f51b34d72c95a163fc86a6d83a2c43ebf92f2c32a474727

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=94564
content-encoding: gzip
content-length: 9411
content-type: text/html; charset=UTF-8
date: Wed, 07 Sep 2022 06:27:48 GMT
expires: Thu, 08 Sep 2022 08:43:52 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame F1C9 35 B
172 B 262ms
261ms Image
image/gif 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4412&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&ifst=0&vid=Yxg54gAEv7AK1RCDsg4W2Q&s_city=singapore&ugd=4&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=3.2144005E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.060&size=728x90&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=000aebc5&scrid=1700080812610100728009000000500&itypeid=17&mx_SPRIG=0&viewability=80&renderer=0&be=0&rtime=39.0&adj0=0.0&tmax=300&s_ip=74.125.190.144&adj2=0.0&adj1=0.0&feedback_id=Yxg54gAEv7AK1RCDsg4W2Q&adtypes=0&mx_aabpc=0&reqid=Yxg54gAEv7AK1RCDsg4W2Q&sc=AU-NSW&mowxReqId=7463c706128c45e8a78009d07da8ea25_1&ifdp=0&requrl=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&bidrestime=1662532066365&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-721135687-37-19&coppa_enf=true&bdp=0.060&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D1&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=lookbook.nu&dt=O&acid=7463c706128c45e8a78009d07da8ea25&actltime=44&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C16%7C48%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C28%7C30&dfpBd=0.06&sckfl=0&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100728009000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&chnl=NO_STRATEGY&pst=0&reqsize=728x90&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1662532666620&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=721135687&ckfl=0&lper=1&mx_tgs=728x90&dummy_vsid=false&cbdp=0.06&pvdTmax=253&ltime=44.0&epc=721135687&ctr_vendor=EXCHANGE&prvReqId=48026159029255_1135240777_52982010413131&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-0790894148451785&ybnca_erpm=0.09&brsrclk=0&sbdrid=196&rtttime=51&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-89884ff48-7m7tj&currsrc_date=2022-09-06+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-09-07+06%3A27%3A46&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=313&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AHfbET51K3p5kZZf6k1fBpS1ZTCKTAvKP7WGZsUwdAcUYXBKyenK0KhHOy9DUWjXWoHzYT7y&dmm_ogerpm=false&csip=rtb-common-istio-65c8cf57d6-d9vdq.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.06&tpbTkn=false&adblk=3286650984&fpuReq=0&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.09~vw_exc%3D0.8~smm_bid%3D0.06~vis_sd%3D162~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022090617~iurl_b%3D1744.47~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.71~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D30~riipua%3D124%2C124~et%3D38~rc%3D1~rps_sd%3D2022090618~vis_b%3D940.18~url_b%3D0.57~url_tvi%3D0~smm_wr%3D27.5514~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.09~bm%3D1~smm_sd%3D2022090620~sid%3D721135687~sd%3D0~uid%3DaQw3ZiR8peRNs4Rti~btd%3D242893850779564573521803078290395321985694198371659846968701704606848677372665073664~d2p_l%3D30~3pcf%3D1000~uim%3D0~dmm_strg%3Dno_strategy~d2p_b%3D0.96~ogd2p_b%3D0.96~vurl_b%3D1.05~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D68.49~vurl_l%3D20~CI%3D2730~nts%3D1~MP2%3D.*user.*~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.95~isif%3D0~lc%3D3~bid%3D0.06~dc%3D8~vl2r_b%3D1.26~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.8%7Eamp%3D1%7Ecbdp%3D0.060%7Edmm%3Dno_strategy%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-0790894148451785%7Edalg%3Dmrg-3.5%7Ehtml%3D1%7Eadblk%3D3286650984%7Esobp%3D%7Ectr%3D3.2144005E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.060%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D35%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D728x90~bsb%3D0~bsp%3D0~tmx%3D253&utime=2396&sf=0&cpr=0.7559903086612012
Requested by: Host: 3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com
URL: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-252-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: max-age=3600
date: Wed, 07 Sep 2022 06:27:48 GMT
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=21600
content-length: 35
expires: Wed, 07 Sep 2022 12:27:48 GMT

GET
DATA 200
OK truncated
/ Frame F1C9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01218fbd2bb73526d2d830e7c173964f4539abfc38237e2ede8453e02da3748e

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame B582 728 B
577 B 871ms
200ms Document
text/html 67.199.150.85
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156011&s=165626&sc=1&pr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&umc=PM_UID&u=8FD40F1C-96A7-442C-B22C-1E624CA8E601&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.85 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: cd540106665976ba2637d6ae4f9c8efc19abd063750e419a92b3c830be468082

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 07 Sep 2022 06:27:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2 200 smtr Show response
contextual.media.net/ Frame 1588 90 KB
33 KB 655ms
653ms Script
text/javascript 23.195.152.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=357234536&size=250x250&cc=AU&chnm=NO_STRATEGY&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&kwrf=https%3A%2F%2Flookbook.nu&nse=5&vi=1662532067407920648&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&bae=B44gz/g444&bcpf=B44gz%2Fg448fOnRrolnfOur84&bdrId=313&ntv=0&matchstring=hr%3D0%7C&kttle=SafeFrame%20Container&katpre=1&katbid=-103&pgid=p164797620t202209070627&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=NSW

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-152-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

4297a8dc7300b2729e4334a1bd8856ff2a9339e76cb2554a1febf95456c11b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:49 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript
expires: Wed, 07 Sep 2022 06:27:49 GMT
cache-control: max-age=0, no-cache, no-store
x-sc-h: 21-b686
strict-transport-security: max-age=31536000
timing-allow-origin: *
content-length: 33514
x-sc-w: 21-jmqc

GET
H2 200 bping.php
lg3.media.net/ Frame 1588 15 B
15 B 262ms
261ms Image
text/html 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=581&&vgd_cdv=790&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&vi=1662532067407920648&ugd=4&lf=6&kwrf=https%3A%2F%2Flookbook.nu&cc=AU&sc=NSW&lper=100&wsip=2886993991&r=1662532068939&requrl=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1662532067175446667&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p164797620t202209070627&vgd_pgids=1&vgd_uspa=0&hvsid=00001662532068937029185683286690&gdpr=0&vgd_end=1

Requested by

Host: 3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com
URL: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-152-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=21600
server: Apache
date: Wed, 07 Sep 2022 06:27:49 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=49154
content-length: 15

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 3A68 26 KB
10 KB 330ms
329ms Document
text/html 23.195.152.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: 3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com
URL: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

9bd4f8adb967013c9f51b34d72c95a163fc86a6d83a2c43ebf92f2c32a474727

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=94563
content-encoding: gzip
content-length: 9411
content-type: text/html; charset=UTF-8
date: Wed, 07 Sep 2022 06:27:49 GMT
expires: Thu, 08 Sep 2022 08:43:52 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 1588 35 B
172 B 261ms
260ms Image
image/gif 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4444&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=2&spSource=0&ifst=0&vid=Yxg54gAE1HUK1QDItwHa1Q&s_city=singapore&ugd=4&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=1.4312295E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=000aebc5&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=11&renderer=1&be=0&rtime=25.0&adj0=0.0&tmax=300&s_ip=172.253.211.72&adj2=0.0&adj1=0.0&feedback_id=Yxg54gAE1HUK1QDItwHa1Q&adtypes=0&mx_aabpc=0&reqid=Yxg54gAE1HUK1QDItwHa1Q&sc=AU-NSW&mowxReqId=ca133d5c623146c19e840f1116877f8e_1&ifdp=0&requrl=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&bidrestime=1662532066361&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-357234536-37-14&coppa_enf=true&bdp=0.020&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D1&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=lookbook.nu&dt=O&acid=ca133d5c623146c19e840f1116877f8e&actltime=32&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C48%7C16%7C17%7C114%7C18%7C19%7C20%7C22%7C25%7C26%7C27%7C28%7C30&dfpBd=0.02&sckfl=0&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&chnl=NO_STRATEGY&pst=0&reqsize=250x250&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1662532666614&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250&dummy_vsid=false&cbdp=0.02&pvdTmax=253&ltime=31.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=27076337405819_854159095_52982010413131&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-0790894148451785&ybnca_erpm=0.02&brsrclk=0&sbdrid=196&rtttime=37&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-89884ff48-m9z27&currsrc_date=2022-09-06+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-09-07+06%3A27%3A46&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=313&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AHfbET5B9bG5GOKMgt-CPjvL1zscsZSuyT-ZRx44024UHVcnL0OreGzm0XOAem0R7Ly6cnVV&dmm_ogerpm=false&csip=rtb-common-istio-65c8cf57d6-6fbhz.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=1030487218&fpuReq=0&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.02~vw_exc%3D0.11~smm_bid%3D0.02~vis_sd%3D162~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022090617~iurl_b%3D1744.47~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.62~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D30~riipua%3D124%2C124~et%3D25~rc%3D2%2C6~rps_sd%3D2022090618~vis_b%3D122.42~url_b%3D0.57~url_tvi%3D0~smm_wr%3D32.3773~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.02~bm%3D1~smm_sd%3D2022090620~sid%3D357234536~sd%3D0~uid%3DaQw3SmocTALnq7gjS~btd%3D242893850779565004880949749562081192348621449618450762995118438804939500855806464000~d2p_l%3D30~3pcf%3D1000~uim%3D0~dmm_strg%3Dno_strategy~d2p_b%3D0.98~ogd2p_b%3D0.96~vurl_b%3D1.05~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D84.13~vurl_l%3D20~CI%3D2730~nts%3D2~MP2%3D.*user.*~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.95~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D1.4~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.11%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-0790894148451785%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D1030487218%7Esobp%3D%7Ectr%3D1.4312295E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D2~tgs%3D250x250%7C300x250~bsb%3D0~bsp%3D0~tmx%3D253&utime=2579&sf=0&cpr=0.5916770356024135
Requested by: Host: 3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com
URL: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-252-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: max-age=3600
date: Wed, 07 Sep 2022 06:27:49 GMT
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=21600
content-length: 35
expires: Wed, 07 Sep 2022 12:27:49 GMT

GET
DATA 200
OK truncated
/ Frame 1588 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5983206664299727121852274d58afbfd491d0a90273b885c1c41a54b466bf1

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 smtr Show response
contextual.media.net/ Frame 6F82 89 KB
33 KB 666ms
665ms Script
text/javascript 23.195.152.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=357234536&size=250x250&cc=AU&chnm=NO_STRATEGY&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&kwrf=https%3A%2F%2Flookbook.nu&nse=5&vi=1662532067349565524&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&bae=B44gz/g444&bcpf=B448fOnRrolnfOur8gz%2Fg444&bdrId=4&ntv=0&matchstring=hr%3D0%7C&kttle=SafeFrame%20Container&katpre=1&katbid=-103&pgid=p164797620t202209070627&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=NSW

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-152-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

f373ca5da232d5abda1e12d7fb7e761f8a1043e0e5739a2b0d4922db9ad400a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:49 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript
expires: Wed, 07 Sep 2022 06:27:49 GMT
cache-control: max-age=0, no-cache, no-store
x-sc-h: 21-s4xz
strict-transport-security: max-age=31536000
timing-allow-origin: *
content-length: 33488
x-sc-w: 21-s3sc

GET
H2 200 bping.php
lg3.media.net/ Frame 6F82 15 B
15 B 271ms
270ms Image
text/html 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=581&&vgd_cdv=790&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&vi=1662532067349565524&ugd=4&lf=6&kwrf=https%3A%2F%2Flookbook.nu&cc=AU&sc=NSW&lper=100&wsip=2886993991&r=1662532069000&requrl=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1662532067178079164&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p164797620t202209070627&vgd_pgids=1&vgd_uspa=0&hvsid=00001662532068998029185683282151&gdpr=0&vgd_end=1

Requested by

Host: 3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com
URL: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-152-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=21600
server: Apache
date: Wed, 07 Sep 2022 06:27:49 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=49154
content-length: 15

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 60D3 26 KB
10 KB 317ms
316ms Document
text/html 23.195.152.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: 3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com
URL: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

9bd4f8adb967013c9f51b34d72c95a163fc86a6d83a2c43ebf92f2c32a474727

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=94563
content-encoding: gzip
content-length: 9411
content-type: text/html; charset=UTF-8
date: Wed, 07 Sep 2022 06:27:49 GMT
expires: Thu, 08 Sep 2022 08:43:52 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 6F82 35 B
172 B 270ms
269ms Image
image/gif 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4458&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=2&spSource=0&ifst=0&vid=Yxg54gAEyiMKaDtBwgwa8Q&s_city=singapore&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=5.6198717E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.080&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=000aebc5&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=73&renderer=1&be=0&rtime=33.0&adj0=0.0&tmax=300&s_ip=74.125.190.131&adj2=0.0&adj1=0.0&feedback_id=Yxg54gAEyiMKaDtBwgwa8Q&adtypes=0&mx_aabpc=0&reqid=Yxg54gAEyiMKaDtBwgwa8Q&sc=AU-NSW&mowxReqId=656008c54c25439b9be6d8b0d4782b4d_1&ifdp=0&requrl=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&bidrestime=1662532066361&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-357234536-37-22&coppa_enf=true&bdp=0.080&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D1&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=lookbook.nu&dt=O&acid=656008c54c25439b9be6d8b0d4782b4d&actltime=41&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C16%7C48%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C28%7C30&dfpBd=0.08&sckfl=0&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&chnl=NO_STRATEGY&pst=0&reqsize=250x250&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1662532666615&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250&dummy_vsid=false&cbdp=0.08&pvdTmax=254&ltime=40.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=26399286593456_383303770_52982010441&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-0790894148451785&ybnca_erpm=0.13&brsrclk=0&sbdrid=196&rtttime=45&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-89884ff48-rzbnf&currsrc_date=2022-09-06+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-09-07+06%3A27%3A46&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=4&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AHfbET4d0odnOcUmaTGuYlDmLKci3iwbNthZlxVssPqKrXzi0jQ_Lww8jZH1JJGU6Xa9M5l_&dmm_ogerpm=false&csip=rtb-common-istio-65c8cf57d6-d9vdq.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.08&tpbTkn=false&adblk=1276300409&fpuReq=1&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.13~vw_exc%3D0.73~smm_bid%3D0.08~vis_sd%3D162~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022090617~iurl_b%3D1744.47~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.62~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D30~riipua%3D124%2C124~et%3D31~rc%3D1~rps_sd%3D2022090618~vis_b%3D908.37~url_b%3D0.57~url_tvi%3D0~smm_wr%3D41.6628~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.13~bm%3D1~smm_sd%3D2022090620~sid%3D357234536~sd%3D0~uid%3DaQw3XjRJ7l7G0xraE~btd%3D242893850779565025100896894420706966426678429186435038922156578086416347541018054656~d2p_l%3D30~3pcf%3D1000~uim%3D0~og_msh%3D0.12~dmm_strg%3Dno_strategy~d2p_b%3D0.96~ogd2p_b%3D0.96~vurl_b%3D1.05~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D84.13~vurl_l%3D20~CI%3D2730~nts%3D2~MP2%3D.*user.*~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.95~isif%3D0~lc%3D3~bid%3D0.08~dc%3D8~vl2r_b%3D1.67~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.73%7Eamp%3D1%7Ecbdp%3D0.080%7Edmm%3Dno_strategy%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-0790894148451785%7Edalg%3Dmrg-4.0%7Ehtml%3D1%7Eadblk%3D1276300409%7Esobp%3D%7Ectr%3D5.6198717E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.080%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D40%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D2~tgs%3D250x250%7C300x250~bsb%3D0~bsp%3D0~tmx%3D254&utime=2639&sf=0&cpr=0.579810483323727
Requested by: Host: 3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com
URL: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-252-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: max-age=3600
date: Wed, 07 Sep 2022 06:27:49 GMT
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=21600
content-length: 35
expires: Wed, 07 Sep 2022 12:27:49 GMT

GET
DATA 200
OK truncated
/ Frame 6F82 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a0f15e1c6037855909947358eba9b00112c6a188b8585a34c179b7880269292

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

cksync
cs.media.net/ Frame 3207
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA1NTMzNjY4NjgzMjg0MzAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEP33q5Yi8xDa8ymhDSNTcd4&google_cver=1

45 B
445 B

297ms
297ms

Image
image/gif

23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEP33q5Yi8xDa8ymhDSNTcd4&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-252-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:49 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Wed, 07 Sep 2022 06:27:49 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEP33q5Yi8xDa8ymhDSNTcd4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync
cs.media.net/ Frame 3207
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7f80e7fb-0af2-4685-ab63-5ab7942745de

45 B
451 B

282ms
282ms

Image
image/gif

23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7f80e7fb-0af2-4685-ab63-5ab7942745de
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-252-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:49 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Wed, 07 Sep 2022 06:27:49 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:49 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7f80e7fb-0af2-4685-ab63-5ab7942745de
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 199

GET
H2

200

cksync
cs.media.net/ Frame 3A68
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7f80e7fb-0af2-4685-ab63-5ab7942745de

45 B
451 B

320ms
320ms

Image
image/gif

23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7f80e7fb-0af2-4685-ab63-5ab7942745de
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-252-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:49 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Wed, 07 Sep 2022 06:27:49 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:49 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7f80e7fb-0af2-4685-ab63-5ab7942745de
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 199

GET
H2

200

cksync
cs.media.net/ Frame 3A68
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA1NTMzNjY5NjgzMjgxNzAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEP33q5Yi8xDa8ymhDSNTcd4&google_cver=1

45 B
445 B

286ms
285ms

Image
image/gif

23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEP33q5Yi8xDa8ymhDSNTcd4&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-252-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:49 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Wed, 07 Sep 2022 06:27:49 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEP33q5Yi8xDa8ymhDSNTcd4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync
cs.media.net/ Frame 60D3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7f80e7fb-0af2-4685-ab63-5ab7942745de

45 B
451 B

296ms
296ms

Image
image/gif

23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7f80e7fb-0af2-4685-ab63-5ab7942745de
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-252-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:49 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Wed, 07 Sep 2022 06:27:49 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:49 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7f80e7fb-0af2-4685-ab63-5ab7942745de
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 199

GET
H2

200

cksync
cs.media.net/ Frame 60D3
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA1NTMzNjY5NjgzMjgzOTAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEP33q5Yi8xDa8ymhDSNTcd4&google_cver=1

45 B
445 B

286ms
286ms

Image
image/gif

23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEP33q5Yi8xDa8ymhDSNTcd4&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-252-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:49 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Wed, 07 Sep 2022 06:27:49 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEP33q5Yi8xDa8ymhDSNTcd4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7A15 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7A15 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7A15 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 7A15 15 B
159 B 264ms
263ms Script
text/html 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=4900&&&vgd_l2type=sca&fp=3HiEGU2qEtJO8pwO9By7a2Zu0SayXfog51gobKVuAiIlsZn2g8q3jbE_fKlXAxJGEl9PEDAL6A_dVSiY7bYq4xspCjZKBv7nnV1pnK7V-_nMT45wVw5kUIYga2APZLIQ&cme=gtXDLhe2T8RavIzAM4WScArvG9BTaa8Wv_R4oDVTqdp_jBk36gsc7mRV1pdiac4oBN9sm8siWFSxEwP67CM2EbEUpTcIYpg2knnIIxF-GWJ8Hq5wglDKfhpiuLiSKJn12RjhBcQQbzkPHzJJwJBfnQQgLG9oJCC2jf8FvuuAymPLn6fKMusLH2s0NztMl5xxZ5LzwaWywqPivSoXMKedpA%3D%3D%7C%7Csj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U%7Ca0AmFUYXmD6X3x85BxIh7BdeeExUYV0JgC3VnzEq_vDw4_bpYO_PihyhS7WfZw0dd2HHBr1kmFo%3D%7CbAMO5YudLYvlLm1KLDx5RnoMoQlgPGtWYCAhrnKu3gCM7nqZYw9yBLF2r4DwJ2Eqkeo5FV3hb9RMFS_iUnG-7ifVrJNuBAPaqZC2j4MDLdKPr0pjU8F4zvJBq_u-gjZH_eNep0olhnk9oJs55pZTX9tHCGulcBJ4K_tV8ILRSjB37tvnNiEMQ8dgGlQNf9C4GY4SvCCO1GoXOERapg3bkSivwVPZY5EFw6vQOBR5Srt9_UmaxDwzgg%3D%3D%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=4&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170721601&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_dnquo=01_9&ksu=224&fdkt=391&vgde_kbbh=fuoyxQBuG&kwd[]=Website+Maker+App&kwt[]=391&kbc[]=1224808752&kwp[]=1&kid[]=340189069&kbc2[]=1%3D2.00%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.41%7C60%3D2.34%7C12%3D0.29%7C66%3D1.12%7C62%3D1.23%7C10%3D5.94%7Cps%3D0.465%7C3%3D1.27%7C4%3D5.00&ktd[]=274894815488&ktrkt[]=Website+Maker+App&kwd[]=Best+Priced+Car+Insurance&kwt[]=391&kbc[]=1224808752&kwp[]=2&kid[]=48970281&kbc2[]=1%3D0.23%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.41%7C60%3D0.21%7C12%3D0.35%7C66%3D1.12%7C62%3D1.15%7C10%3D5.94%7Cps%3D0.465%7C3%3D0.51%7C4%3D5.00&ktd[]=274894815488&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Best+Stocks+to+Invest+in+2022&kwt[]=391&kbc[]=1224808752&kwp[]=3&kid[]=350575367&kbc2[]=1%3D0.93%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.41%7C60%3D0.93%7C12%3D0.26%7C66%3D1.12%7C62%3D1.80%7C10%3D5.94%7Cps%3D0.465%7C3%3D0.68%7C4%3D5.00&ktd[]=274894815488&ktrkt[]=Best+Stocks+to+Invest+in+2022&kwd[]=Homes+for+Sale+by+Owner&kwt[]=391&kbc[]=1224808752&kwp[]=4&kid[]=13966059&kbc2[]=1%3D0.74%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.41%7C60%3D0.76%7C12%3D0.59%7C66%3D1.12%7C62%3D0.27%7C10%3D5.94%7Cps%3D0.465%7C3%3D0.43%7C4%3D4.58&ktd[]=274911592704&ktrkt[]=Homes+for+Sale+by+Owner&cid=8CUABW64L&vwid=1662532067219368715&vi=1662532067219368715&tdAdd[]=ib%3D0&vsid=3055336686832803&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=790&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721601&vgd_nrrv=96642&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8PO15GP54&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1662532067150327251&sttm=1662532068738&upk=1662532069.24581&hvsid=00001662532068738029185683281226&verid=3111299&vgd_matchstr=hr%3D0%7C&sbdrId=196&vgd_ecrid=1700080812610100728009000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3055336686832803&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9i~eBMJ-Nv9.W~QYYMG8Ov9.9F~e8QMQOvuFf~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ff9i9Fuh~8xLjMGvuhHH.Hh~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.hu~8EvAGB9PB~kGGv9~e8QMxLjMjvA9~L88Ex1vufH%2CufH~J7vAW~LNvu~LEQMQOvf9ff9i9FuW~e8QMGviH9.uW~xLjMGv9.Xh~xLjM7e8v9~QYYMBLvfh.XXuH~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9i~GYvu~QYYMQOvf9ff9i9Ff9~Q8OvhfuuAXFWh~QOv9~x8Ov1gBA28DWEJDIQHD78~G7OvfHfWiAWX9hhiXFHXhAXfuW9A9hWfi9AiXAfuiWXFiHuiWAhuFXiWHFiFWh9uh9HF9FWHWFhhAhfFFX9hAFFH~OfEMjvA9~AENkvu999~x8Yv9~OYYMQ7LyvzmMQ7L17Jy5~OfEMGv9.iF~myOfEMGv9.iF~exLjMGvu.9X~QQvIK~x8Bvou~NJv9~LEQMGvFW.Hi~exLjMjvf9~%3DVvfhA9~z7Qvu~c0fv.*xQJL.*~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.iX~8Q8kv9~jNvA~G8Ov9.9F~ONvW~ejfLMGvu.fF~8exLjMjvf9~QxEEj5M71yM8Ov~e8JB1G8j875v9.W~1YEvu~NGOEv9.9F9~OYYvzmMQ7L17Jy5~Qx8Ov~O7Nv1E1NMQy~-8OvKrtoExGo9hi9WiHuHWHXuhWX~O1jyvYLyoA.X~w7Yjvu~1OGjUvAfWFFX9iWH~QmGEv~N7LvA.fuHH99X4oH~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.9F9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vAX~OmyGv9ou~8GNvu~OO7vou~zQlvu~7yQvhfW-i9~GQGv9~GQEv9~7Y-vfXA&vgd_optout=0&vgd_cfud=220331&vgd_scsver=303&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=728_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A728%3Brend_h%3A90&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001662532068738029185683281226&subBdr=196&bdrid=313&rc=0&rand=1662532069474&acid=7463c706128c45e8a78009d07da8ea25&matm=1662532069474&requrl=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&vgd_ltimesrc=1&vgd_ltime=2312&vgd_rtime=2307&vgd_etm=14&vgd_l1hcsd=O0j52%7C5847&vgd_l1ch=1&vgd_lhl=2680&vgd_pgid=p164797620t202209070627&vgd_adprefflag=11&vgd_csip=rtb-common-istio-65c8cf57d6-d9vdq.SG&vgd_sbSup=1&vgd_nrrs=96642&vgd_cntrdt=SF%7C3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com&vgd_eadm=1&vgd_end=1

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=21600
server: Apache
date: Wed, 07 Sep 2022 06:27:49 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=50702
content-length: 15

GET
DATA 200
OK truncated
/ Frame 146E 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 146E 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 146E 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 146E 15 B
159 B 266ms
266ms Script
text/html 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=5260&&&vgd_l2type=sca&fp=3HiEGU2qEtJO8pwO9By7a2Zu0SayXfog51gobKVuAiIlsZn2g8q3jQDKnouLlMATwbSMhashL5wQdhlXE4NBtTwoydC0fijgtK4V1dvPiRm3G9JxtS-YNeMCEjgveUrT&cme=A62xvK1vr8CGNvDcI_H6W7qqI6DLVr112sjYexF7U8_6FTtWT9Q6qLfO2NZa44tKHtLjLSU3potIaLpjUvJIduNa0G5LtMjHj9mpQPHsnIOcsVqSaBPCj8HQkjBGP9JzL-JM09UXedNCyOADWnGGp2tuFkbL75rqDwtpYsRgYDDhSFbzhER5AjPqoy1ZmC749rLxilu9haF9R30NPP4jMg%3D%3D%7C%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7Ca0AmFUYXmD6X3x85BxIh7BdeeExUYV0JgC3VnzEq_vDw4_bpYO_PihyhS7WfZw0dd2HHBr1kmFo%3D%7Cxrl5Md8q4-9BLBrrmBXURF0txpX3b3sLbvH6X12iUvA%3D%7Csj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U%7CmLeOI39YvBbp5l80Fjeg872w-f7OTA29SdnBWbiKgalOTEVkDoPBV6-enzK5FCMq3I6axFNcbJBd_4pc6kGGwXyUII-l8Awvw6osTFMzSC2ABgPlL8Jdv3InShcHNiT72ZjL_4oGrsNiBZbgdXuBcndrk0DFu1c57DV0mW3kjreQl-z-fxu3Guj85jYkMGNIASjQ3st8jmJdO6ChYwC32a_y4Y5vej56nC-P4QjtvHU%3D%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=5&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170721348&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_dnquo=01_9&ksu=224&fdkt=391&vgde_kbbh=fuoyxQBuG&kwd[]=Website+Maker+App&kwt[]=391&kbc[]=1224808752&kwp[]=1&kid[]=340189069&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.41%7C62%3D1.23%7C12%3D0.29%7C60%3D2.34%7C66%3D1.12%7C10%3D5.94%7C1%3D2.31%7Cps%3D0.465%7C3%3D1.61%7C4%3D5.00&ktd[]=274894815488&ktrkt[]=Website+Maker+App&kwd[]=Best+Priced+Car+Insurance&kwt[]=391&kbc[]=1224808752&kwp[]=2&kid[]=48970281&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.41%7C62%3D1.15%7C12%3D0.35%7C60%3D0.21%7C66%3D1.12%7C10%3D5.94%7C1%3D0.23%7Cps%3D0.465%7C3%3D0.51%7C4%3D5.00&ktd[]=274894815488&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Best+Stocks+to+Invest+in+2022&kwt[]=391&kbc[]=1224808752&kwp[]=3&kid[]=350575367&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.41%7C62%3D1.80%7C12%3D0.26%7C60%3D0.93%7C66%3D1.12%7C10%3D5.94%7C1%3D0.93%7Cps%3D0.465%7C3%3D0.68%7C4%3D5.00&ktd[]=274894815488&ktrkt[]=Best+Stocks+to+Invest+in+2022&kwd[]=Homes+for+Sale+by+Owner&kwt[]=391&kbc[]=1224808752&kwp[]=4&kid[]=13966059&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.41%7C62%3D0.27%7C12%3D0.59%7C60%3D0.76%7C66%3D1.12%7C10%3D5.94%7C1%3D0.74%7Cps%3D0.465%7C3%3D0.43%7C4%3D4.58&ktd[]=274911592704&ktrkt[]=Homes+for+Sale+by+Owner&kwd[]=Small+Kitchen+Designs&kwt[]=391&kbc[]=1224808752&kwp[]=5&kid[]=26322723&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.41%7C62%3D1.11%7C12%3D0.13%7C60%3D0.12%7C66%3D1.12%7C10%3D5.94%7C1%3D0.13%7Cps%3D0.465%7C3%3D0.07%7C4%3D5.00&ktd[]=274911658240&ktrkt[]=Small+Kitchen+Designs&cid=8CUABW64L&vwid=1662532067407920648&vi=1662532067407920648&tdAdd[]=ib%3D0&vsid=3055336696832857&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=790&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_refdomain=lookbook.nu&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721348&vgd_nrrv=96642&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8PO15GP54&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1662532067175446667&sttm=1662532068937&upk=1662532069.26936&hvsid=00001662532068937029185683286690&verid=3111299&vgd_matchstr=hr%3D0%7C&sbdrId=196&vgd_ecrid=1700080812610100250025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3055336696832857&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9f~eBMJ-Nv9.uu~QYYMG8Ov9.9f~e8QMQOvuFf~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ff9i9Fuh~8xLjMGvuhHH.Hh~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.Ff~8EvAGB9PB~kGGv9~e8QMxLjMjvA9~L88Ex1vufH%2CufH~J7vfX~LNvf%2CF~LEQMQOvf9ff9i9FuW~e8QMGvuff.Hf~xLjMGv9.Xh~xLjM7e8v9~QYYMBLvAf.AhhA~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9f~GYvu~QYYMQOvf9ff9i9Ff9~Q8OvAXhfAHXAF~QOv9~x8Ov1gBAbYmN_KTz%20hydb~G7OvfHfWiAWX9hhiXFX99HWW9iHihHiXFf9WuuifAHWFfuHHiFuWHX9hFfiiXuuWHAWW9HiAiX99WXXW9FHFH999~OfEMjvA9~AENkvu999~x8Yv9~OYYMQ7LyvzmMQ7L17Jy5~OfEMGv9.iW~myOfEMGv9.iF~exLjMGvu.9X~QQvIK~x8Bvou~NJv9~LEQMGvWH.uA~exLjMjvf9~%3DVvfhA9~z7Qvf~c0fv.*xQJL.*~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.iX~8Q8kv9~jNvA~G8Ov9.9f~ONvW~ejfLMGvu.H~8exLjMjvf9~QxEEj5M71yM8Ov~e8JB1G8j875v9.uu~1YEvu~NGOEv9.9f9~OYYvzmMQ7L17Jy5~Qx8Ov~O7Nv1E1NMQy~-8OvKrtoExGo9hi9WiHuHWHXuhWX~O1jyvzmMQ7L17Jy5~w7Yjvu~1OGjUvu9A9HWhfuW~QmGEv~N7Lvu.HAuffiX4oH~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvf~7yQvfX9-fX9%7CA99-fX9~GQGv9~GQEv9~7Y-vfXA&vgd_optout=0&vgd_cfud=220331&vgd_scsver=303&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=250_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A250%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001662532068937029185683286690&subBdr=196&bdrid=313&rc=0&rand=1662532069630&acid=ca133d5c623146c19e840f1116877f8e&matm=1662532069630&requrl=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&vgd_ltimesrc=1&vgd_ltime=2417&vgd_rtime=2412&vgd_etm=6&vgd_l1hcsd=O0j52%7C5847&vgd_l1ch=1&vgd_lhl=2695&vgd_pgid=p164797620t202209070627&vgd_adprefflag=11&vgd_csip=rtb-common-istio-65c8cf57d6-6fbhz.SG&vgd_sbSup=1&vgd_nrrs=96642&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_crefurl=https%3A%2F%2Flookbook.nu%2F&vgd_eadm=1&vgd_end=1

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=21600
server: Apache
date: Wed, 07 Sep 2022 06:27:49 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=50702
content-length: 15

GET
H2 200 cl_partner.html Show response
ads.pubmatic.com/AdServer/js/ Frame 85B1 2 KB
1 KB 319ms
317ms Document
text/html 184.87.200.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D8FD40F1C-96A7-442C-B22C-1E624CA8E601%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
Requested by: Host: simage4.pubmatic.com
URL: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156011&s=165626&sc=1&pr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&umc=PM_UID&u=8FD40F1C-96A7-442C-B22C-1E624CA8E601&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.87.200.209 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-200-209.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b01ef7916c2e4d5e7b97fbcdb95caf8e24f184a773b9ca533a9a416b4aea4218

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=166538
content-encoding: gzip
content-length: 953
content-type: text/html; charset=UTF-8
date: Wed, 07 Sep 2022 06:27:49 GMT
etag: "fa18f0-6b8-53a413358bd01"
expires: Fri, 09 Sep 2022 04:43:27 GMT
last-modified: Wed, 17 Aug 2016 09:36:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK ecm3 Show response
s.amazon-adsystem.com/ Frame DB09 43 B
516 B 317ms
316ms Document
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?id=8FD40F1C-96A7-442C-B22C-1E624CA8E601&ex=pubmatic.com

Requested by

Host: simage4.pubmatic.com
URL: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156011&s=165626&sc=1&pr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&umc=PM_UID&u=8FD40F1C-96A7-442C-B22C-1E624CA8E601&rs=3&gdpr=0&gdpr_consent=&us_privacy=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Sep 2022 06:27:49 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid: 386RNBW1C4ZP25NVVCM7

GET
DATA 200
OK truncated
/ Frame F8D9 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F8D9 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F8D9 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bql.php Show response
lg3.media.net/ Frame F8D9 15 B
159 B 262ms
262ms Script
text/html 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=5112&&&vgd_l2type=sca&fp=3HiEGU2qEtJO8pwO9By7a2Zu0SayXfog51gobKVuAiIlsZn2g8q3jQDKnouLlMATwbSMhashL5wQdhlXE4NBtTwoydC0fijgtK4V1dvPiRm3G9JxtS-YNeMCEjgveUrT&cme=BJeP2zasnKeluf5cJPaMX0BNGhAnSDJqrmLij_CJHTk7pdxOsmJgNrJdhdM-3YPs36-dpnVAoyrhCvqo81s09JRrO5L0-SJRK73LxcUdzIO8HK0F0S6bXXBkI4G_WroNUJnyjtAvQxX00VaMC0H9eqoOkFD-WtvdhiA1PEpFcngLOooOG75F4Vx-NUYP-7z4yQfwnGztqekCiIHgP1xllmfsWM43dWiB%7C%7CSDQov5N_G8OQY7nyN26iCZq_BkeUPliHRWfBeS08qceZA2TdqO0nkMbN2_9xrg9ajdLaIb16rCc4rlQWUl11yINebiuFtgXLlqQVZ9JPuUWXE8UrnvSMjzVedVqEMVnCmzBfisaL3ooW2XODV6O9FkLxf_qlsVu7CIKUL2GIj9nK1MLDTxmidMnrSTofkEkKx8cnXgZVLP5_IebutTN0fBngqpo3OlcT%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7Ca0AmFUYXmD6X3x85BxIh7BdeeExUYV0JgC3VnzEq_vDw4_bpYO_PihyhS7WfZw0dd2HHBr1kmFo%3D%7Cxrl5Md8q4-9BLBrrmBXURF0txpX3b3sLbvH6X12iUvA%3D%7Csj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=5&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170721601&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_dnquo=01_9&ksu=224&fdkt=391&vgde_kbbh=fuoyxQBuG&kwd[]=Website+Maker+App&kwt[]=391&kbc[]=1224808752&kwp[]=1&kid[]=340189069&kbc2[]=12%3D0.29%7C63%3D0.41%7C62%3D1.23%7C60%3D2.34%7C66%3D1.12%7C10%3D5.94%7C1%3D2.31%7Cps%3D0.465%7C3%3D1.61%7C4%3D5.00&ktd[]=274894815232&ktrkt[]=Website+Maker+App&kwd[]=Best+Priced+Car+Insurance&kwt[]=391&kbc[]=1224808752&kwp[]=2&kid[]=48970281&kbc2[]=12%3D0.35%7C63%3D0.41%7C62%3D1.15%7C60%3D0.21%7C66%3D1.12%7C10%3D5.94%7C1%3D0.23%7Cps%3D0.465%7C3%3D0.51%7C4%3D5.00&ktd[]=274894815232&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Best+Stocks+to+Invest+in+2022&kwt[]=391&kbc[]=1224808752&kwp[]=3&kid[]=350575367&kbc2[]=12%3D0.26%7C63%3D0.41%7C62%3D1.80%7C60%3D0.93%7C66%3D1.12%7C10%3D5.94%7C1%3D0.93%7Cps%3D0.465%7C3%3D0.68%7C4%3D5.00&ktd[]=274894815232&ktrkt[]=Best+Stocks+to+Invest+in+2022&kwd[]=Homes+for+Sale+by+Owner&kwt[]=391&kbc[]=1224808752&kwp[]=4&kid[]=13966059&kbc2[]=12%3D0.59%7C63%3D0.41%7C62%3D0.27%7C60%3D0.76%7C66%3D1.12%7C10%3D5.94%7C1%3D0.74%7Cps%3D0.465%7C3%3D0.43%7C4%3D4.58&ktd[]=274911592448&ktrkt[]=Homes+for+Sale+by+Owner&kwd[]=Small+Kitchen+Designs&kwt[]=391&kbc[]=1224808752&kwp[]=5&kid[]=26322723&kbc2[]=pmb%3D1%7C12%3D0.13%7C63%3D0.41%7C62%3D1.11%7C60%3D0.12%7C66%3D1.12%7C10%3D5.94%7C1%3D0.13%7Cps%3D0.465%7C3%3D0.07%7C4%3D5.00&ktd[]=274911657984&ktrkt[]=Small+Kitchen+Designs&cid=8CUABW64L&vwid=1662532067349565524&vi=1662532067349565524&tdAdd[]=ib%3D0&vsid=3055336696832890&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=790&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_refdomain=lookbook.nu&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721601&vgd_nrrv=96642&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8PO15GP54&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1662532067178079164&sttm=1662532068998&upk=1662532069.25106&hvsid=00001662532068998029185683282151&verid=3111299&vgd_matchstr=hr%3D0%7C&sbdrId=196&vgd_ecrid=1700080812610100250025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3055336696832890&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.uA~eBMJ-Nv9.hA~QYYMG8Ov9.9W~e8QMQOvuFf~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ff9i9Fuh~8xLjMGvuhHH.Hh~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.Ff~8EvAGB9PB~kGGv9~e8QMxLjMjvA9~L88Ex1vufH%2CufH~J7vAu~LNvu~LEQMQOvf9ff9i9FuW~e8QMGvi9W.Ah~xLjMGv9.Xh~xLjM7e8v9~QYYMBLvHu.FFfW~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.uA~GYvu~QYYMQOvf9ff9i9Ff9~Q8OvAXhfAHXAF~QOv9~x8Ov1gBAtdD6hjhZ9-L14~G7OvfHfWiAWX9hhiXFX9fXu99WiFWiHHf9h9FiFFHfFFhWHfiuWFHAX9AWiffuXFXhW9WFHuFAHhXHu9uW9XHFXF~OfEMjvA9~AENkvu999~x8Yv9~myMYQwv9.uf~OYYMQ7LyvzmMQ7L17Jy5~OfEMGv9.iF~myOfEMGv9.iF~exLjMGvu.9X~QQvIK~x8Bvou~NJv9~LEQMGvWH.uA~exLjMjvf9~%3DVvfhA9~z7Qvf~c0fv.*xQJL.*~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.iX~8Q8kv9~jNvA~G8Ov9.9W~ONvW~ejfLMGvu.Fh~8exLjMjvf9~QxEEj5M71yM8Ov~e8JB1G8j875v9.hA~1YEvu~NGOEv9.9W9~OYYvzmMQ7L17Jy5~Qx8Ov~O7Nv1E1NMQy~-8OvKrtoExGo9hi9WiHuHWHXuhWX~O1jyvYLyoH.9~w7Yjvu~1OGjUvufhFA99H9i~QmGEv~N7LvX.FuiWhuh4oH~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.9W9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vH9~OmyGv9ou~8GNvu~OO7vou~zQlvf~7yQvfX9-fX9%7CA99-fX9~GQGv9~GQEv9~7Y-vfXH&vgd_optout=0&vgd_cfud=220331&vgd_scsver=303&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=250_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A250%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001662532068998029185683282151&subBdr=196&bdrid=4&rc=0&rand=1662532069710&acid=656008c54c25439b9be6d8b0d4782b4d&matm=1662532069710&requrl=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&vgd_ltimesrc=1&vgd_ltime=2523&vgd_rtime=2512&vgd_etm=5&vgd_l1hcsd=O0j52%7C5847&vgd_l1ch=1&vgd_lhl=2703&vgd_pgid=p164797620t202209070627&vgd_adprefflag=11&vgd_csip=rtb-common-istio-65c8cf57d6-d9vdq.SG&vgd_sbSup=1&vgd_nrrs=96642&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_crefurl=https%3A%2F%2Flookbook.nu%2F&vgd_eadm=1&vgd_end=1

Requested by

Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=21600
server: Apache
date: Wed, 07 Sep 2022 06:27:49 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=50702
content-length: 15

GET
H2 200 log
hblg.media.net/ Frame F1C9 35 B
194 B 270ms
269ms Image
image/gif 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=1&spSource=0&ifst=0&vid=Yxg54gAEv7AK1RCDsg4W2Q&s_city=singapore&ugd=4&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=3.2144005E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.060&size=728x90&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=000aebc5&scrid=1700080812610100728009000000500&itypeid=17&mx_SPRIG=0&viewability=80&renderer=0&be=0&rtime=39.0&adj0=0.0&tmax=300&s_ip=74.125.190.144&adj2=0.0&adj1=0.0&feedback_id=Yxg54gAEv7AK1RCDsg4W2Q&adtypes=0&mx_aabpc=0&reqid=Yxg54gAEv7AK1RCDsg4W2Q&sc=AU-NSW&mowxReqId=7463c706128c45e8a78009d07da8ea25_1&ifdp=0&requrl=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&bidrestime=1662532066365&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-721135687-37-19&coppa_enf=true&bdp=0.060&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D1&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=lookbook.nu&dt=O&acid=7463c706128c45e8a78009d07da8ea25&actltime=44&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C16%7C48%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C28%7C30&dfpBd=0.06&sckfl=0&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100728009000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&chnl=NO_STRATEGY&pst=0&reqsize=728x90&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1662532666620&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=721135687&ckfl=0&lper=1&mx_tgs=728x90&dummy_vsid=false&cbdp=0.06&pvdTmax=253&ltime=44.0&epc=721135687&ctr_vendor=EXCHANGE&prvReqId=48026159029255_1135240777_52982010413131&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-0790894148451785&ybnca_erpm=0.09&brsrclk=0&sbdrid=196&rtttime=51&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-89884ff48-7m7tj&currsrc_date=2022-09-06+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-09-07+06%3A27%3A46&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=313&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AHfbET51K3p5kZZf6k1fBpS1ZTCKTAvKP7WGZsUwdAcUYXBKyenK0KhHOy9DUWjXWoHzYT7y&dmm_ogerpm=false&csip=rtb-common-istio-65c8cf57d6-d9vdq.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.06&tpbTkn=false&adblk=3286650984&fpuReq=0&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.09~vw_exc%3D0.8~smm_bid%3D0.06~vis_sd%3D162~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022090617~iurl_b%3D1744.47~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.71~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D30~riipua%3D124%2C124~et%3D38~rc%3D1~rps_sd%3D2022090618~vis_b%3D940.18~url_b%3D0.57~url_tvi%3D0~smm_wr%3D27.5514~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.09~bm%3D1~smm_sd%3D2022090620~sid%3D721135687~sd%3D0~uid%3DaQw3ZiR8peRNs4Rti~btd%3D242893850779564573521803078290395321985694198371659846968701704606848677372665073664~d2p_l%3D30~3pcf%3D1000~uim%3D0~dmm_strg%3Dno_strategy~d2p_b%3D0.96~ogd2p_b%3D0.96~vurl_b%3D1.05~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D68.49~vurl_l%3D20~CI%3D2730~nts%3D1~MP2%3D.*user.*~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.95~isif%3D0~lc%3D3~bid%3D0.06~dc%3D8~vl2r_b%3D1.26~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.8%7Eamp%3D1%7Ecbdp%3D0.060%7Edmm%3Dno_strategy%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-0790894148451785%7Edalg%3Dmrg-3.5%7Ehtml%3D1%7Eadblk%3D3286650984%7Esobp%3D%7Ectr%3D3.2144005E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.060%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D35%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D728x90~bsb%3D0~bsp%3D0~tmx%3D253&utime=2396&sf=0&cpr=0.7559903086612012&evttyp=1
Requested by: Host: 3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com
URL: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-252-26.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:49 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 07 Sep 2022 06:27:49 GMT

GET
H2 200 log
hblg.media.net/ Frame 6F82 35 B
194 B 260ms
260ms Image
image/gif 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=2&spSource=0&ifst=0&vid=Yxg54gAEyiMKaDtBwgwa8Q&s_city=singapore&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=5.6198717E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.080&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=000aebc5&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=73&renderer=1&be=0&rtime=33.0&adj0=0.0&tmax=300&s_ip=74.125.190.131&adj2=0.0&adj1=0.0&feedback_id=Yxg54gAEyiMKaDtBwgwa8Q&adtypes=0&mx_aabpc=0&reqid=Yxg54gAEyiMKaDtBwgwa8Q&sc=AU-NSW&mowxReqId=656008c54c25439b9be6d8b0d4782b4d_1&ifdp=0&requrl=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&bidrestime=1662532066361&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-357234536-37-22&coppa_enf=true&bdp=0.080&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D1&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=lookbook.nu&dt=O&acid=656008c54c25439b9be6d8b0d4782b4d&actltime=41&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C16%7C48%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C28%7C30&dfpBd=0.08&sckfl=0&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&chnl=NO_STRATEGY&pst=0&reqsize=250x250&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1662532666615&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250&dummy_vsid=false&cbdp=0.08&pvdTmax=254&ltime=40.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=26399286593456_383303770_52982010441&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-0790894148451785&ybnca_erpm=0.13&brsrclk=0&sbdrid=196&rtttime=45&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-89884ff48-rzbnf&currsrc_date=2022-09-06+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-09-07+06%3A27%3A46&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=4&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AHfbET4d0odnOcUmaTGuYlDmLKci3iwbNthZlxVssPqKrXzi0jQ_Lww8jZH1JJGU6Xa9M5l_&dmm_ogerpm=false&csip=rtb-common-istio-65c8cf57d6-d9vdq.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.08&tpbTkn=false&adblk=1276300409&fpuReq=1&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.13~vw_exc%3D0.73~smm_bid%3D0.08~vis_sd%3D162~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022090617~iurl_b%3D1744.47~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.62~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D30~riipua%3D124%2C124~et%3D31~rc%3D1~rps_sd%3D2022090618~vis_b%3D908.37~url_b%3D0.57~url_tvi%3D0~smm_wr%3D41.6628~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.13~bm%3D1~smm_sd%3D2022090620~sid%3D357234536~sd%3D0~uid%3DaQw3XjRJ7l7G0xraE~btd%3D242893850779565025100896894420706966426678429186435038922156578086416347541018054656~d2p_l%3D30~3pcf%3D1000~uim%3D0~og_msh%3D0.12~dmm_strg%3Dno_strategy~d2p_b%3D0.96~ogd2p_b%3D0.96~vurl_b%3D1.05~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D84.13~vurl_l%3D20~CI%3D2730~nts%3D2~MP2%3D.*user.*~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.95~isif%3D0~lc%3D3~bid%3D0.08~dc%3D8~vl2r_b%3D1.67~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.73%7Eamp%3D1%7Ecbdp%3D0.080%7Edmm%3Dno_strategy%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-0790894148451785%7Edalg%3Dmrg-4.0%7Ehtml%3D1%7Eadblk%3D1276300409%7Esobp%3D%7Ectr%3D5.6198717E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.080%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D40%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D2~tgs%3D250x250%7C300x250~bsb%3D0~bsp%3D0~tmx%3D254&utime=2639&sf=0&cpr=0.579810483323727&evttyp=1
Requested by: Host: lookbook.nu
URL: https://lookbook.nu/user/10841472-Henry-Padilla
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-252-26.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 06:27:50 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 07 Sep 2022 06:27:50 GMT

GET i.js
mathid.mathtag.com/d/ Frame 85B1 0
0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 643ms
200ms XHR
application/json 142.250.4.156

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.156 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

1195b00c1008ace93b0a3e9397a09ef5a432196442b8f308007517e00ad56c58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://lookbook.nu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 06:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11065
x-xss-protection: 0

GET
H2 200 bqi.php
lg3.media.net/ Frame F1C9 15 B
15 B 261ms
260ms Image
text/html 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=2888&lf=3&&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_l2type=sca&pid=8PO15GP54&katbid=-103&katen=1&cme=gtXDLhe2T8RavIzAM4WScArvG9BTaa8Wv_R4oDVTqdp_jBk36gsc7mRV1pdiac4oBN9sm8siWFSxEwP67CM2EbEUpTcIYpg2knnIIxF-GWJ8Hq5wglDKfhpiuLiSKJn12RjhBcQQbzkPHzJJwJBfnQQgLG9oJCC2jf8FvuuAymPLn6fKMusLH2s0NztMl5xxZ5LzwaWywqPivSoXMKedpA==||sj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U|a0AmFUYXmD6X3x85BxIh7BdeeExUYV0JgC3VnzEq_vDw4_bpYO_PihyhS7WfZw0dd2HHBr1kmFo=|bAMO5YudLYvlLm1KLDx5RnoMoQlgPGtWYCAhrnKu3gCM7nqZYw9yBLF2r4DwJ2Eqkeo5FV3hb9RMFS_iUnG-7ifVrJNuBAPaqZC2j4MDLdKPr0pjU8F4zvJBq_u-gjZH_eNep0olhnk9oJs55pZTX9tHCGulcBJ4K_tV8ILRSjB37tvnNiEMQ8dgGlQNf9C4GY4SvCCO1GoXOERapg3bkSivwVPZY5EFw6vQOBR5Srt9_UmaxDwzgg==|u8A6SM53vAdJjhazCSusZAnIl_9HqKRb|jyjVTouP1sOI3OR67jxweNSVYtHEv6HR|&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=721135687&requrl=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&vi=1662532067219368715&ugd=4&cc=AU&sc=NSW&bdrid=313&subBdr=196&startTime=1662532068730&l2type=sca&vgd_l1rakh=1662532067150327251&l1ch=1&sttm=1662532068738&upk=1662532069.24581&hvsid=00001662532068738029185683281226&acid=7463c706128c45e8a78009d07da8ea25&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.09~vw_exc%3D0.8~smm_bid%3D0.06~vis_sd%3D162~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022090617~iurl_b%3D1744.47~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.71~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D30~riipua%3D124%2C124~et%3D38~rc%3D1~rps_sd%3D2022090618~vis_b%3D940.18~url_b%3D0.57~url_tvi%3D0~smm_wr%3D27.5514~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.09~bm%3D1~smm_sd%3D2022090620~sid%3D721135687~sd%3D0~uid%3DaQw3ZiR8peRNs4Rti~btd%3D242893850779564573521803078290395321985694198371659846968701704606848677372665073664~d2p_l%3D30~3pcf%3D1000~uim%3D0~dmm_strg%3Dno_strategy~d2p_b%3D0.96~ogd2p_b%3D0.96~vurl_b%3D1.05~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D68.49~vurl_l%3D20~CI%3D2730~nts%3D1~MP2%3D.*user.*~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.95~isif%3D0~lc%3D3~bid%3D0.06~dc%3D8~vl2r_b%3D1.26~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.8%7Eamp%3D1%7Ecbdp%3D0.060%7Edmm%3Dno_strategy%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-0790894148451785%7Edalg%3Dmrg-3.5%7Ehtml%3D1%7Eadblk%3D3286650984%7Esobp%3D%7Ectr%3D3.2144005E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.060%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D35%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D728x90~bsb%3D0~bsp%3D0~tmx%3D253&matchstring=hr%3D0%7C&vgd_matchstr=hr%3D0%7C&vgd_sc=NSW&infr=1&twna=1&stime=1662532067183&vgd_ecrid=1700080812610100728009000000500&l1hcsd=l1!O0j52|5847&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22apac_sg%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p164797620t202209070627&vgd_pgids=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=21600
server: Apache
date: Wed, 07 Sep 2022 06:27:50 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=49761
content-length: 15

GET
H2 200 bqi.php
lg3.media.net/ Frame 6F82 15 B
15 B 294ms
294ms Image
text/html 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=3012&lf=3&&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_l2type=sca&pid=8PO15GP54&katbid=-103&katen=1&cme=BJeP2zasnKeluf5cJPaMX0BNGhAnSDJqrmLij_CJHTk7pdxOsmJgNrJdhdM-3YPs36-dpnVAoyrhCvqo81s09JRrO5L0-SJRK73LxcUdzIO8HK0F0S6bXXBkI4G_WroNUJnyjtAvQxX00VaMC0H9eqoOkFD-WtvdhiA1PEpFcngLOooOG75F4Vx-NUYP-7z4yQfwnGztqekCiIHgP1xllmfsWM43dWiB||SDQov5N_G8OQY7nyN26iCZq_BkeUPliHRWfBeS08qceZA2TdqO0nkMbN2_9xrg9ajdLaIb16rCc4rlQWUl11yINebiuFtgXLlqQVZ9JPuUWXE8UrnvSMjzVedVqEMVnCmzBfisaL3ooW2XODV6O9FkLxf_qlsVu7CIKUL2GIj9nK1MLDTxmidMnrSTofkEkKx8cnXgZVLP5_IebutTN0fBngqpo3OlcT|u8A6SM53vAdJjhazCSusZAnIl_9HqKRb|jyjVTouP1sOI3OR67jxweNSVYtHEv6HR|a0AmFUYXmD6X3x85BxIh7BdeeExUYV0JgC3VnzEq_vDw4_bpYO_PihyhS7WfZw0dd2HHBr1kmFo=|xrl5Md8q4-9BLBrrmBXURF0txpX3b3sLbvH6X12iUvA=|sj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U|&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&requrl=https%3A%2F%2Flookbook.nu%2Fuser%2F10841472-Henry-Padilla&vi=1662532067349565524&ugd=4&cc=AU&sc=NSW&bdrid=4&subBdr=196&vgd_kwrf=https%3A%2F%2Flookbook.nu&startTime=1662532068993&l2type=sca&vgd_l1rakh=1662532067178079164&l1ch=1&cref=https%3A%2F%2Flookbook.nu%2F&sttm=1662532068998&upk=1662532069.25106&hvsid=00001662532068998029185683282151&acid=656008c54c25439b9be6d8b0d4782b4d&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.13~vw_exc%3D0.73~smm_bid%3D0.08~vis_sd%3D162~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022090617~iurl_b%3D1744.47~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.62~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D30~riipua%3D124%2C124~et%3D31~rc%3D1~rps_sd%3D2022090618~vis_b%3D908.37~url_b%3D0.57~url_tvi%3D0~smm_wr%3D41.6628~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.13~bm%3D1~smm_sd%3D2022090620~sid%3D357234536~sd%3D0~uid%3DaQw3XjRJ7l7G0xraE~btd%3D242893850779565025100896894420706966426678429186435038922156578086416347541018054656~d2p_l%3D30~3pcf%3D1000~uim%3D0~og_msh%3D0.12~dmm_strg%3Dno_strategy~d2p_b%3D0.96~ogd2p_b%3D0.96~vurl_b%3D1.05~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D84.13~vurl_l%3D20~CI%3D2730~nts%3D2~MP2%3D.*user.*~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.95~isif%3D0~lc%3D3~bid%3D0.08~dc%3D8~vl2r_b%3D1.67~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.73%7Eamp%3D1%7Ecbdp%3D0.080%7Edmm%3Dno_strategy%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-0790894148451785%7Edalg%3Dmrg-4.0%7Ehtml%3D1%7Eadblk%3D1276300409%7Esobp%3D%7Ectr%3D5.6198717E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.080%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D40%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D2~tgs%3D250x250%7C300x250~bsb%3D0~bsp%3D0~tmx%3D254&matchstring=hr%3D0%7C&vgd_matchstr=hr%3D0%7C&vgd_sc=NSW&infr=1&twna=1&stime=1662532067204&vgd_ecrid=1700080812610100250025000000500&l1hcsd=l1!O0j52|5847&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22apac_sg%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p164797620t202209070627&vgd_pgids=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://3b3effd0a3e82849c0c05fa8fd3e3724.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=21600
server: Apache
date: Wed, 07 Sep 2022 06:27:50 GMT
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=49761
content-length: 15

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 500ms
199ms Script
text/javascript 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS