etandoz.com Open in urlscan Pro
173.249.24.142 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://etandoz.com/
Effective URL:
https://etandoz.com/
Submission: On November 21 via manual (November 21st 2020, 9:44:59 am UTC) from US

Summary HTTP 164 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 39 IPs in 7 countries across 32 domains to perform 164 HTTP transactions. The main IP is 173.249.24.142, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is etandoz.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 22nd 2020. Valid for: 3 months.

This is the only time etandoz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 34	173.249.24.142 173.249.24.142	51167 (CONTABO) (CONTABO)
1	2.21.37.33 2.21.37.33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
50	18.156.95.187 18.156.95.187	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::681b:930b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:210... 2600:9000:2104:a400:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
10	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:81e::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::6812:3689	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
1	52.17.253.7 52.17.253.7	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:e2:... 2606:4700:e2::ac40:8720	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
3	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	52.8.73.135 52.8.73.135	16509 (AMAZON-02) (AMAZON-02)
4	18.200.32.70 18.200.32.70	16509 (AMAZON-02) (AMAZON-02)
1	213.19.147.210 213.19.147.210	3356 (LEVEL3) (LEVEL3)
1	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:2104:1600:a:d79f:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:214... 2600:9000:214f:c800:1f:2473:9080:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1 3	104.111.238.139 104.111.238.139	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:210... 2600:9000:2104:6000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
164	39

34 173.249.24.142 (Nuremberg, Germany) 3 redirects

ASN51167 (CONTABO, DE)
PTR: server1.symbolhost.org

etandoz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.37.33 (France)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-37-33.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 18.156.95.187 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com

g.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::681b:930b (United States)

ASN13335 (CLOUDFLARENET, US)

www.ezojs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2104:a400:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6812:3689 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.253.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-253-7.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:8720 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.254 (Germany)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.8.73.135 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-73-135.us-west-1.compute.amazonaws.com

hb.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.200.32.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.210 (United Kingdom)

ASN3356 (LEVEL3, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.244 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

65c9fe1fee852fa08a5545d208c67b1d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:1600:a:d79f:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

prebid.digitru.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:c800:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.238.139 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-139.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:6000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	ezoic.net g.ezoic.net go.ezoic.net	402 KB
34	etandoz.com 3 redirects etandoz.com	523 KB
17	googlesyndication.com pagead2.googlesyndication.com 65c9fe1fee852fa08a5545d208c67b1d.safeframe.googlesyndication.com tpc.googlesyndication.com	184 KB
12	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	297 KB
6	ampproject.org cdn.ampproject.org	114 KB
4	gumgum.com g2.gumgum.com	3 KB
4	google-analytics.com ssl.google-analytics.com	18 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com bidder.criteo.com	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	onetag-sys.com onetag-sys.com	526 B
3	wp.com s0.wp.com stats.wp.com pixel.wp.com	6 KB
3	google.com adservice.google.com www.google.com	2 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	criteo.net static.criteo.net	49 KB
2	undertone.com hb.undertone.com cdn.undertone.com	847 B
2	4dex.io script.4dex.io	20 KB
1	quantcount.com rules.quantcount.com	348 B
1	digitru.st prebid.digitru.st	1 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	googleadservices.com partner.googleadservices.com	640 B
1	google.at adservice.google.at	803 B
1	adnxs.com ib.adnxs.com	12 KB
1	1rx.io tag.1rx.io	268 B
1	jsdelivr.net cdn.jsdelivr.net	2 KB
1	adsrvr.org match.adsrvr.org	541 B
1	rlcdn.com api.rlcdn.com	218 B
1	ezodn.com www.ezodn.com	1 KB
1	gstatic.com fonts.gstatic.com	8 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	ezojs.com www.ezojs.com	4 KB
1	googleapis.com fonts.googleapis.com	521 B
1	pubmatic.com ads.pubmatic.com	85 KB
164	32

	Domain	Requested by
50	g.ezoic.net	etandoz.com g.ezoic.net
34	etandoz.com	3 redirects etandoz.com
10	securepubads.g.doubleclick.net	etandoz.com securepubads.g.doubleclick.net
7	pagead2.googlesyndication.com	etandoz.com pagead2.googlesyndication.com
6	tpc.googlesyndication.com	etandoz.com cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
6	cdn.ampproject.org	securepubads.g.doubleclick.net
4	65c9fe1fee852fa08a5545d208c67b1d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	g2.gumgum.com	g.ezoic.net
4	ssl.google-analytics.com	etandoz.com
3	sb.scorecardresearch.com	1 redirects go.ezoic.net
3	onetag-sys.com	g.ezoic.net
2	static.criteo.net	g.ezoic.net static.criteo.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	script.4dex.io	g.ezoic.net script.4dex.io
2	gum.criteo.com	1 redirects static.criteo.net
2	go.ezoic.net	etandoz.com
2	adservice.google.com	etandoz.com securepubads.g.doubleclick.net
1	pixel.quantserve.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	go.ezoic.net
1	cdn.undertone.com	g.ezoic.net
1	prebid.digitru.st	g.ezoic.net
1	www.google.com	etandoz.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	adservice.google.at	securepubads.g.doubleclick.net
1	pixel.wp.com	etandoz.com
1	bidder.criteo.com	g.ezoic.net
1	ib.adnxs.com	g.ezoic.net
1	tag.1rx.io	g.ezoic.net
1	hb.undertone.com	g.ezoic.net
1	cdn.jsdelivr.net	g.ezoic.net
1	match.adsrvr.org	ads.pubmatic.com
1	api.rlcdn.com	ads.pubmatic.com
1	www.ezodn.com	etandoz.com
1	fonts.gstatic.com	fonts.googleapis.com
1	mug.criteo.com	etandoz.com
1	stats.wp.com	etandoz.com
1	cdn.onesignal.com	etandoz.com
1	s0.wp.com	etandoz.com
1	www.ezojs.com	etandoz.com
1	fonts.googleapis.com	etandoz.com
1	ads.pubmatic.com	etandoz.com
164	43

This site contains links to these domains. Also see Links.

Domain
www.ezoic.com
www.facebook.com

Subject Issuer	Validity	Valid
www.etandoz.com Let's Encrypt Authority X3	`2020-10-22` - `2021-01-20`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
ezoic.net Let's Encrypt Authority X3	`2020-09-25` - `2020-12-24`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-15` - `2021-08-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.ezoic.net Amazon	`2020-03-15` - `2021-04-15`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
onetag-sys.com Let's Encrypt Authority X3	`2020-11-02` - `2021-01-31`	3 months	crt.sh
*.ramp-ut.io Amazon	`2020-11-07` - `2021-12-06`	a year	crt.sh
*.gumgum.com Amazon	`2020-07-03` - `2021-08-03`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.google.at GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
cdn-cf.digitru.st Amazon	`2020-04-23` - `2021-05-23`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh
*.undertone.com Amazon	`2020-01-08` - `2021-02-08`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://etandoz.com/
Frame ID: C7D4DF0CC1CB5EC072A3BE079C9C90AD
Requests: 142 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html
Frame ID: 5218C856354334618F436A0C22C694BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-6396844742497208&output=html&adk=1812271804&adf=3025194257&lmt=1605951880&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A16810120%2C2%3A32904%2C8%3A128%2C9%3A32904%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fetandoz.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605951880801&bpp=4&bdt=2367&idt=146&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4337236543430&frm=20&pv=2&ga_vid=983744617.1605951881&ga_sid=1605951881&ga_hid=2122893375&ga_fc=1&ga_wpids=UA-131156852-28&iag=0&icsg=3421732450860994&dssz=100&mdo=0&mso=2048&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431&oid=3&pvsid=1067106022744905&pem=317&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=164
Frame ID: D10458310E339DD02366D0AC83087C34
Requests: 1 HTTP requests in this frame

Frame: https://65c9fe1fee852fa08a5545d208c67b1d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 83E0EE10C69FBCD433F15A7DBA17D574
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: B9B1B0DB5B28F013B5DA5FF32FB72510
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 593C53966361C92789E385D6F3428DB1
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=etandoz.com
Frame ID: 65AEC728AE9D3F2FFBC8ADE476FADFED
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Frame ID: 08E8B42B403287982B70F8DF64D2CC35
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1605951880912
Frame ID: 19057A2CF5E8DD6CCE2494B60CBE3AD0
Requests: 1 HTTP requests in this frame

Frame: https://65c9fe1fee852fa08a5545d208c67b1d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 1BC40939607D54CC1681662A2A2E44A2
Requests: 1 HTTP requests in this frame

Frame: https://65c9fe1fee852fa08a5545d208c67b1d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: A93F3A9A6715C349061AFEA1FF2BE923
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://etandoz.com/ HTTP 301
https://etandoz.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

164
Requests

100 %
HTTPS

55 %
IPv6

32
Domains

43
Subdomains

39
IPs

7
Countries

1776 kB
Transfer

5464 kB
Size

33
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ezoic.com/what-is-ezoic/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/etandoz/
Title: Etandoz

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://etandoz.com/ HTTP 301
https://etandoz.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://etandoz.com/ezoic/cookieconsent.min.js HTTP 302
https://etandoz.com/

Request Chain 41

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fetandoz.com%2F&domain=etandoz.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=eLMJUnxrZUgxUmhubGZGWEc1ekdDaG5mNXVCL0ZyeVFoREo1NDE4ZDh1YjhzZ2QrZDkzVGVBOHB0dEdZRWhPbVYzd2FsV3JyRWNoL1ZxZ245RXduL01FMTUzalc0dkJrZ1F0WkhzWkVXNUczTDR4RS9BYUR3YmR0TTZLOU8ydUJTbHRnUFpFeHFPZG1MSWNjbmRpLytxeld2UkxrRndOaTdpekp5ZlQwZ0NwUmU5Q0MvT3pNR2V2WG53cEdKUmo5cGt5VFlpM3JkSkVmUVdKL1hKUlk3YmpMMUJBPT18&cppv=2

Request Chain 75

https://etandoz.com/ezoic/anchorfix.js?cb=191-2 HTTP 302
https://etandoz.com/

Request Chain 165

https://sb.scorecardresearch.com/b?c1=2&c2=20015427&ns__t=1605951888363&ns_c=UTF-8&cv=3.5&c8=Etandoz%20-%20Happy%20Diwali%20-%20Diwali%20Celebrations%20-%20Diwali%20Quotes%20-%20Diwali%202020&c7=https%3A%2F%2Fetandoz.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1605951888363&ns_c=UTF-8&cv=3.5&c8=Etandoz%20-%20Happy%20Diwali%20-%20Diwali%20Celebrations%20-%20Diwali%20Quotes%20-%20Diwali%202020&c7=https%3A%2F%2Fetandoz.com%2F&c9=&cs_ak_ss=1

164 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
etandoz.com/
Redirect Chain

http://etandoz.com/
https://etandoz.com/

173 KB
32 KB

1327ms
1218ms

Document
text/html

173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: ab8a4d30433c888070a62f0f4c0d249f364ed3901c77a4410beae82647ee26e3

Request headers

:method: GET
:authority: etandoz.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control: max-age=0, must-revalidate, no-cache, no-store
content-type: text/html; charset=UTF-8
display: pub_site_sol
expires: Fri, 20 Nov 2020 09:44:38 GMT
link: <https://etandoz.com/wp-json/>; rel="https://api.w.org/"
pagespeed: off
set-cookie: ezoadgid_163104=-1; Path=/; Domain=etandoz.com; Expires=Sat, 21 Nov 2020 10:14:38 UTC; secure ezoref_163104=; Path=/; Domain=etandoz.com; Expires=Sat, 21 Nov 2020 11:44:38 UTC; secure ezoab_163104=mod21-c; Path=/; Domain=etandoz.com; Expires=Sat, 21 Nov 2020 11:44:38 UTC; secure active_template::163104=pub_site.1605951878; Path=/; Domain=etandoz.com; Expires=Mon, 23 Nov 2020 09:44:38 UTC; secure ezopvc_163104=1; Path=/; Domain=etandoz.com; Expires=Sat, 21 Nov 2020 10:14:38 UTC; secure ezepvv=0; Path=/; Domain=etandoz.com; Expires=Sun, 22 Nov 2020 09:44:38 UTC; secure lp_163104=https://etandoz.com/; Path=/; Domain=etandoz.com; Expires=Sat, 21 Nov 2020 11:44:38 UTC; secure ezovid_163104=1615507169; Path=/; Domain=etandoz.com; Expires=Sat, 21 Nov 2020 10:14:38 UTC; secure ezovuuidtime_163104=1605951878; Path=/; Domain=etandoz.com; Expires=Mon, 23 Nov 2020 09:44:38 UTC; secure ezovuuid_163104=52bb0e15-81a1-426f-6287-bbaabefb797f; Path=/; Domain=etandoz.com; Expires=Sat, 21 Nov 2020 10:14:38 UTC; secure ezCMPCCS=true; Path=/; Domain=etandoz.com; Expires=Sun, 21 Nov 2021 09:44:38 GMT; secure
vary: Accept-Encoding
x-middleton-display: pub_site_sol
x-sol: pub_site
content-encoding: br
date: Sat, 21 Nov 2020 09:44:38 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

Redirect headers

Connection: Keep-Alive
cache-control: max-age=0, must-revalidate, no-cache, no-store
Content-Type: text/html; charset=UTF-8
display: staticcontent_sol
expires: Fri, 20 Nov 2020 09:44:37 GMT
location: https://etandoz.com/
pagespeed: off
vary: Accept-Encoding Origin,Accept-Encoding
x-middleton-display: staticcontent_sol
x-redirect-by: WordPress
x-sol: pub_site
Content-Length: 626
Content-Encoding: gzip
Date: Sat, 21 Nov 2020 09:44:37 GMT
Server: LiteSpeed

GET
H/1.1 200
OK pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156983/3085/ 277 KB
85 KB 113ms
48ms Script
text/javascript 2.21.37.33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/156983/3085/pwt.js
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.33 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-33.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b4a24bdcf99be8cb9823514768815f1f27acea675b511d0e77e7f111a5baed4e

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 21 Nov 2020 09:44:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Oct 2020 21:03:44 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1121094-4544a-5b2d59d8a583e"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=91834
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 86243
Expires: Sun, 22 Nov 2020 11:15:12 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 39ms
17ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=etandoz.com

Requested by

Host: etandoz.com
URL: https://etandoz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Nov 2020 09:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 dall3700test.js Show response
g.ezoic.net/porpoiseant/ 1 MB
358 KB 235ms
131ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/porpoiseant/dall3700test.js?cb=191-2
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: f9d1cdea0522c4af463dbd11b502a1d8c03f045431ff596125b50234401b2eee

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
last-modified: Fri, 13 Nov 2020 23:24:56 GMT
server: nginx/1.16.0
etag: "17c24a-5b405561b0200;5b405561b0200-gzip"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes

GET
H2 200 blocks.style.build.css
etandoz.com/wp-content/plugins/social-warfare/assets/js/post-editor/dist/ 2 KB
716 B 355ms
51ms Stylesheet
text/css 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/wp-content/plugins/social-warfare/assets/js/post-editor/dist/blocks.style.build.css?ver=5.5.3
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: 4834aa58000857ce42bdc4ae2322104fbbb5c0e96a7dbd4deab73900ae9d23a7

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:38 GMT
content-encoding: br
last-modified: Wed, 09 Sep 2020 09:46:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 608
expires: Sat, 28 Nov 2020 09:44:38 GMT

GET
H2 200 styles.css
etandoz.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
642 B 355ms
52ms Stylesheet
text/css 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: 811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:38 GMT
content-encoding: br
last-modified: Tue, 07 Apr 2020 20:33:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 585
expires: Sat, 28 Nov 2020 09:44:38 GMT

GET
H2 200 ezoic-integration-public.css
etandoz.com/wp-content/plugins/ezoic-integration/public/css/ 98 B
153 B 356ms
52ms Stylesheet
text/css 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/wp-content/plugins/ezoic-integration/public/css/ezoic-integration-public.css?ver=1.3.13
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: 547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:38 GMT
last-modified: Thu, 27 Aug 2020 19:25:44 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 98
expires: Sat, 28 Nov 2020 09:44:38 GMT

GET
H2 200 style.min.css
etandoz.com/wp-content/plugins/social-warfare/assets/css/ 85 KB
10 KB 356ms
52ms Stylesheet
text/css 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/wp-content/plugins/social-warfare/assets/css/style.min.css?ver=4.1.0
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: 5820216486981914837a6b4f07dc46f6969a726d301a867b6043b149fab43ec7

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:38 GMT
content-encoding: br
last-modified: Wed, 09 Sep 2020 09:46:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9814
expires: Sat, 28 Nov 2020 09:44:38 GMT

GET
H2 200 font-awesome.min.css
etandoz.com/wp-content/themes/newspaper-lite/assets/lib/font-awesome/css/ 30 KB
7 KB 360ms
57ms Stylesheet
text/css 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/wp-content/themes/newspaper-lite/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:38 GMT
content-encoding: br
last-modified: Mon, 28 Sep 2020 08:04:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6662
expires: Sat, 28 Nov 2020 09:44:38 GMT

GET
H2 200 css
fonts.googleapis.com/ 1020 B
521 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins&ver=5.5.3

Requested by

Host: etandoz.com
URL: https://etandoz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe550434094ec4b080238fd3873fedb7c481556e0f9694f6b209cf2c2a54334b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 21 Nov 2020 08:06:42 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Sat, 21 Nov 2020 09:44:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sat, 21 Nov 2020 09:44:38 GMT

GET
H2 200 newspaper-lite.min.css
etandoz.com/wp-content/themes/newspaper-lite/assets/css/ 57 KB
10 KB 392ms
88ms Stylesheet
text/css 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/wp-content/themes/newspaper-lite/assets/css/newspaper-lite.min.css?ver=1.0.6
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: fb74f2f57a90c644b95268c211a5a6efc3faeeb30ff0bd28aa946923c950cfa3

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:38 GMT
content-encoding: br
last-modified: Mon, 28 Sep 2020 08:04:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10065
expires: Sat, 28 Nov 2020 09:44:38 GMT

GET
H2 200 style.css
etandoz.com/wp-content/themes/newspaper-lite/ 2 KB
834 B 392ms
89ms Stylesheet
text/css 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/wp-content/themes/newspaper-lite/style.css?ver=1.0.6
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: 691bf31bb63491d6a8fbb7c3dc7f8ca4b081ba77ad2836b07ce46dc2163d972e

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:38 GMT
content-encoding: br
last-modified: Mon, 28 Sep 2020 08:04:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 801
expires: Sat, 28 Nov 2020 09:44:38 GMT

GET
H2 200 newspaper-lite-responsive.min.css
etandoz.com/wp-content/themes/newspaper-lite/assets/css/ 5 KB
1 KB 392ms
89ms Stylesheet
text/css 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/wp-content/themes/newspaper-lite/assets/css/newspaper-lite-responsive.min.css?ver=1.0.6
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: b1132996507b2307c59702977232dc53440b200e4a9159efc3d1148a296faa4e

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:38 GMT
content-encoding: br
last-modified: Mon, 28 Sep 2020 08:04:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1259
expires: Sat, 28 Nov 2020 09:44:38 GMT

GET
H2 200 jetpack.css
etandoz.com/wp-content/plugins/jetpack/css/ 70 KB
12 KB 395ms
92ms Stylesheet
text/css 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/wp-content/plugins/jetpack/css/jetpack.css?ver=7.8.1
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: b42989a0f2a1fb6d69e72c4f548ef2e73c4d3089d53649f5ed75e45c7b91cffb

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:38 GMT
content-encoding: br
last-modified: Wed, 20 Nov 2019 01:38:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12090
expires: Sat, 28 Nov 2020 09:44:38 GMT

GET
H2 200 jquery.js Show response
etandoz.com/wp-includes/js/jquery/ 95 KB
32 KB 396ms
94ms Script
application/javascript 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:38 GMT
content-encoding: br
last-modified: Fri, 17 May 2019 20:38:54 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 32853
expires: Sat, 28 Nov 2020 09:44:38 GMT

GET
H2 200 vertical-m.css
etandoz.com/wp-content/plugins/wordpress-23-related-posts-plugin/static/themes/ 2 KB
565 B 395ms
93ms Stylesheet
text/css 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/wp-content/plugins/wordpress-23-related-posts-plugin/static/themes/vertical-m.css?version=3.6.4
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: 2e65c19fd70c24a9c0d2e3f80b88d25413f511455664becdfd4217ee392a619c

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:38 GMT
content-encoding: br
last-modified: Tue, 23 Jul 2019 08:20:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 507
expires: Sat, 28 Nov 2020 09:44:38 GMT

GET
H2 200 boise.js Show response
g.ezoic.net/detroitchicago/ 983 B
458 B 148ms
44ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/boise.js?gcb=191-2&cb=1
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 426

GET
H2

200

/ Show response
etandoz.com/
Redirect Chain

https://etandoz.com/ezoic/cookieconsent.min.js
https://etandoz.com/

172 KB
32 KB

1248ms
947ms

Script
text/html

173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: 11baffff70fe74bb15d97abf789d273cdd1c9628d326bd452f2fceca009b0444

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
pagespeed: off
x-sol: pub_site
server: LiteSpeed
display: pub_site_sol
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
x-middleton-display: pub_site_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
link: <https://etandoz.com/wp-json/>; rel="https://api.w.org/"
expires: Fri, 20 Nov 2020 09:44:40 GMT

Redirect headers

date: Sat, 21 Nov 2020 09:44:39 GMT
last-modified: Fri, 13 Nov 2020 23:24:56 GMT
server: LiteSpeed
http_code: HTTP/2 200
etag: "11a4-5b405561b0200-gzip"
vary: Accept-Encoding
content-type: application/javascript
location: https://etandoz.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
x-redirect-by: WordPress
expires: Wed, 11 Jan 1984 05:00:00 GMT, Sun, 21 Nov 2021 09:44:39 GMT

GET
H2 200 ezd.js Show response
www.ezojs.com/ezoic/ 12 KB
4 KB 50ms
18ms Script
application/javascript 2606:4700:3030::681b:930b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/ezoic/ezd.js
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:930b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7d72a2373d9d7be8325768387530166efe2d3906374ebbd23267cc8ec8e771a

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1222165
cf-bgj: minify
cf-request-id: 068bca14c60000062dc6950000000001
last-modified: Fri, 30 Oct 2020 17:48:54 GMT
server: cloudflare
etag: W/"2e60-5b2e702940d80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ibs5ViL9arIg4Owvv8%2Bn9Cq5O7vmozGIpwlIZyr94BRIHGg6GFTPFhwE4MX4YRPx4yacVUUtFSeSCtQgrU%2FzrQVCitaFnGv7uwP2dbUi7SW0WTQo1eXoDk%2B4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 5f5979347e47062d-FRA
expires: Sun, 07 Nov 2021 06:15:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 129 KB
45 KB 56ms
24ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: etandoz.com
URL: https://etandoz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

968ce7d681b37b90d094599a68fbaff53b3f8b492b28776089ac50c0c861019e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45330
x-xss-protection: 0
server: cafe
etag: 5588824410463320120
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 21 Nov 2020 09:44:40 GMT

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 59ms
13ms Image
image/png 2600:9000:2104:a400:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:a400:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:36:09 GMT
via: 1.1 bdbb0d922c29917c00cfed799f55e7c2.cloudfront.net (CloudFront)
x-sol: middleton
age: 313711
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol, staticcontent_sol
content-length: 1181
x-amz-cf-id: rlB7kGi5r8i8qOHBq6s0GMeIYiqmwquvcOKsHaHK3g8azUmPVvaMXA==
last-modified: Fri, 13 Nov 2020 23:24:56 GMT
server: nginx/1.16.0
etag: "49d-5ac9ecc7b5bc0-gzip-gzip"
vary: Accept-Encoding,Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: AMS1-C1
display: staticcontent_sol, staticcontent_sol
expires: Tue, 24 Nov 2020 18:36:09 GMT

GET
H2 200 scripts.js Show response
etandoz.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 354ms
53ms Script
application/javascript 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:39 GMT
content-encoding: br
last-modified: Tue, 07 Apr 2020 20:33:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3752
expires: Sat, 28 Nov 2020 09:44:39 GMT

GET
H2 200 devicepx-jetpack.js Show response
s0.wp.com/wp-content/js/ 10 KB
3 KB 58ms
18ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202047
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT vie 1
date: Sat, 21 Nov 2020 09:44:39 GMT
content-encoding: gzip
server: nginx
etag: W/"5bffef65-52b6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-ac: 4.vie _dca
expires: Mon, 15 Nov 2021 18:11:30 GMT

GET
H2 200 track-internal-links.js Show response
etandoz.com/wp-content/plugins/interlinks-manager/public/assets/js/ 1 KB
422 B 353ms
52ms Script
application/javascript 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/wp-content/plugins/interlinks-manager/public/assets/js/track-internal-links.js?ver=1.18
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: 8afa8127232deafbb8cf00f91b373547b808ae5ea1cb117fa84425ea7e0d1f41

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:39 GMT
content-encoding: br
last-modified: Mon, 16 Sep 2019 06:23:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 341
expires: Sat, 28 Nov 2020 09:44:39 GMT

GET
H2 200 script.min.js Show response
etandoz.com/wp-content/plugins/social-warfare/assets/js/ 17 KB
5 KB 352ms
52ms Script
application/javascript 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/wp-content/plugins/social-warfare/assets/js/script.min.js?ver=4.1.0
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: 244de6960388f992e43c07685dd8c7ca1ee4424d85874a72036f2f8e692bbd7b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:39 GMT
content-encoding: br
last-modified: Wed, 09 Sep 2020 09:46:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4847
expires: Sat, 28 Nov 2020 09:44:39 GMT

GET
H2 200 smush-lazy-load.min.js Show response
etandoz.com/wp-content/plugins/wp-smushit/app/assets/js/ 10 KB
4 KB 352ms
51ms Script
application/javascript 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.6.3
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: b10d4805bfd37702e61c9c03f784ed6ea227bca02c58fd8b139fbfc62f68df08

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
last-modified: Thu, 27 Aug 2020 19:26:25 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4062
expires: Sat, 28 Nov 2020 09:44:40 GMT

GET
H2 200 jquery.bxslider.min.js Show response
etandoz.com/wp-content/themes/newspaper-lite/assets/lib/bxslider/ 23 KB
6 KB 352ms
51ms Script
application/javascript 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/wp-content/themes/newspaper-lite/assets/lib/bxslider/jquery.bxslider.min.js?ver=4.2.12
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: a8e3c1f378254611d83d27991dd0bd18c759d064fe52160f16043be1ec434cc5

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
last-modified: Mon, 28 Sep 2020 08:04:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5765
expires: Sat, 28 Nov 2020 09:44:40 GMT

GET
H2 200 jquery.sticky.js Show response
etandoz.com/wp-content/themes/newspaper-lite/assets/lib/sticky/ 7 KB
2 KB 367ms
55ms Script
application/javascript 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/wp-content/themes/newspaper-lite/assets/lib/sticky/jquery.sticky.js?ver=20150416
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: 43a24608e742c8adc12bc142cdbe6c8838100b1b507e954ab9965c8059896cf7

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
last-modified: Mon, 28 Sep 2020 08:04:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1848
expires: Sat, 28 Nov 2020 09:44:40 GMT

GET
H2 200 sticky-setting.js Show response
etandoz.com/wp-content/themes/newspaper-lite/assets/lib/sticky/ 304 B
193 B 367ms
55ms Script
application/javascript 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/wp-content/themes/newspaper-lite/assets/lib/sticky/sticky-setting.js?ver=20150309
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: aaae58058e6e3602ab24ccd60c7641c5dc7bddb1fada4204576659997eac1c40

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
last-modified: Mon, 28 Sep 2020 08:04:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 159
expires: Sat, 28 Nov 2020 09:44:40 GMT

GET
H2 200 custom-script.min.js Show response
etandoz.com/wp-content/themes/newspaper-lite/assets/js/ 3 KB
1 KB 367ms
56ms Script
application/javascript 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/wp-content/themes/newspaper-lite/assets/js/custom-script.min.js?ver=1.0.6
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: 6f9ff71fd4f31aff5a89306a6ba57f55ea8a700d46e90e34245ff49733c44b03

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
last-modified: Mon, 28 Sep 2020 08:04:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1105
expires: Sat, 28 Nov 2020 09:44:40 GMT

GET
H2 200 wp-embed.min.js Show response
etandoz.com/wp-includes/js/ 1 KB
726 B 366ms
56ms Script
application/javascript 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/wp-includes/js/wp-embed.min.js?ver=5.5.3
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
last-modified: Thu, 08 Oct 2020 07:45:30 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 668
expires: Sat, 28 Nov 2020 09:44:40 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 41ms
14ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.5.3
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 2028
etag: W/"af07e3bccd7885748057bb532c526ac5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 5f5979346d6ebedd-FRA
cf-request-id: 068bca14c40000bedd46ac0000000001
expires: Tue, 24 Nov 2020 09:44:40 GMT

GET
H2 200 e-202047.js Show response
stats.wp.com/ 9 KB
3 KB 69ms
18ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202047.js
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT vie
date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Mon, 15 Nov 2021 11:26:28 GMT

GET
H2 200 houston.js Show response
g.ezoic.net/detroitchicago/ 3 KB
1 KB 143ms
43ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/houston.js?gcb=2&cb=27
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: bc9f09ed09d7297e39457f94fa1c015406d38e730110e8d7b70b9a02e572dcd0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 1100

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 54 KB
18 KB 127ms
41ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: etandoz.com
URL: https://etandoz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

88ccb5c6f7f8d57297543ffc4d4a1d89c44df56e844dab6610640b71bef4dc85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "700 / 470 of 1000 / last-modified: 1605914035"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18520
x-xss-protection: 0
expires: Sat, 21 Nov 2020 09:44:40 GMT

GET
H2 200 banger.js Show response
g.ezoic.net/porpoiseant/ 50 KB
11 KB 164ms
65ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/porpoiseant/banger.js?cb=191-2&bv=92&v=35&PageSpeed=off
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 874e9c775f786c647fa0d6824b805486d3ca7e0d94dfb101ee0224315e8ef4fb

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
server: nginx/1.16.0
cache-control: max-age=31536000, public
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript

GET
H2 200 memphis.js Show response
g.ezoic.net/detroitchicago/ 5 KB
1 KB 102ms
44ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/memphis.js?gcb=191-2&cb=2
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 3280d840db75382b0a366d79bcd0dbe276a33e62b7be641e27b8b4bf68f66156

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 1463

GET
H2 200 minneapolis.js Show response
g.ezoic.net/detroitchicago/ 845 B
451 B 95ms
44ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/minneapolis.js?gcb=191-2&cb=1
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: aa475af0fb05e1b76590fbc8eb5b49d3c1e772a8efbde59c9991e07972f1223e

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 419

GET
H2 200 raleigh.js Show response
g.ezoic.net/detroitchicago/ 2 KB
814 B 55ms
55ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/raleigh.js?gcb=191-2&cb=2
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 12ceaaa105abb177182163d2b3c95418076c4cd7881b107e39e1ae77dde7f7c1

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 782

GET
H2 200 tampa.js Show response
g.ezoic.net/detroitchicago/ 754 B
437 B 56ms
55ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/tampa.js?gcb=191-2&cb=1
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: a2bd6d03b5ca4077052ad35975e64c93f8d790133a8ba0eea95d20fb5beb0b09

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 405

GET
H2 200 rochester.js Show response
g.ezoic.net/detroitchicago/ 2 KB
783 B 56ms
56ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/rochester.js?cb=191-2&v=9
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 777cc56d4fcbc36f7a94abab1b63d6c20cf73def1bc63f02aa2313b0aa609ada

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 751

GET
H2 200 wp-emoji-release.min.js Show response
etandoz.com/wp-includes/js/ 14 KB
4 KB 360ms
56ms Script
application/javascript 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
last-modified: Thu, 08 Oct 2020 07:45:30 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4319
expires: Sat, 28 Nov 2020 09:44:40 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fetandoz.com%2F&domain=etandoz.com&cw=1
https://mug.criteo.com/sid?cpp=eLMJUnxrZUgxUmhubGZGWEc1ekdDaG5mNXVCL0ZyeVFoREo1NDE4ZDh1YjhzZ2QrZDkzVGVBOHB0dEdZRWhPbVYzd2FsV3JyRWNoL1ZxZ245RXduL01FMTUzalc0dkJrZ1F0WkhzWkVXNUczTDR4RS9BYUR3YmR0TTZLOU...

345 B
638 B

116ms
37ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=eLMJUnxrZUgxUmhubGZGWEc1ekdDaG5mNXVCL0ZyeVFoREo1NDE4ZDh1YjhzZ2QrZDkzVGVBOHB0dEdZRWhPbVYzd2FsV3JyRWNoL1ZxZ245RXduL01FMTUzalc0dkJrZ1F0WkhzWkVXNUczTDR4RS9BYUR3YmR0TTZLOU8ydUJTbHRnUFpFeHFPZG1MSWNjbmRpLytxeld2UkxrRndOaTdpekp5ZlQwZ0NwUmU5Q0MvT3pNR2V2WG53cEdKUmo5cGt5VFlpM3JkSkVmUVdKL1hKUlk3YmpMMUJBPT18&cppv=2

Requested by

Host: etandoz.com
URL: https://etandoz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

424f0c195542bdc7be09d2c2619422c87d3c7490893e6792ed434dda0d10a3ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 21 Nov 2020 09:44:38 GMT
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1058
content-length: 345
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 21 Nov 2020 09:44:38 GMT
location: https://mug.criteo.com/sid?cpp=eLMJUnxrZUgxUmhubGZGWEc1ekdDaG5mNXVCL0ZyeVFoREo1NDE4ZDh1YjhzZ2QrZDkzVGVBOHB0dEdZRWhPbVYzd2FsV3JyRWNoL1ZxZ245RXduL01FMTUzalc0dkJrZ1F0WkhzWkVXNUczTDR4RS9BYUR3YmR0TTZLOU8ydUJTbHRnUFpFeHFPZG1MSWNjbmRpLytxeld2UkxrRndOaTdpekp5ZlQwZ0NwUmU5Q0MvT3pNR2V2WG53cEdKUmo5cGt5VFlpM3JkSkVmUVdKL1hKUlk3YmpMMUJBPT18&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://etandoz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 883
content-length: 455
expires: 0

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: etandoz.com
URL: https://etandoz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4507
date: Sat, 21 Nov 2020 08:29:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 21 Nov 2020 10:29:33 GMT

GET
H2 200 ezosuigeneris.js Show response
g.ezoic.net/ 555 B
510 B 63ms
62ms Script
text/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezosuigeneris.js
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 63d43ef2a46ed4f40d42a75a32a3018526280358901559f220990ef052be03e9

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
last-modified: Fri, 13 Nov 2020 23:24:56 GMT
server: nginx/1.16.0
etag: c58bcc14401c2cd480d6744d654ac4e0
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cache-control: max-age=999999, private
content-length: 275
expires: Mon, 29 Apr 2020 21:44:55 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&ver=5.5.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://etandoz.com
Referer: https://fonts.googleapis.com/css?family=Poppins&ver=5.5.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 22:12:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:01:13 GMT
server: sffe
age: 559904
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
expires: Sun, 14 Nov 2021 22:12:56 GMT

GET
H2 200 fontawesome-webfont.woff2
etandoz.com/wp-content/themes/newspaper-lite/assets/lib/font-awesome/fonts/ 75 KB
75 KB 355ms
55ms Font
font/woff2 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/wp-content/themes/newspaper-lite/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: etandoz.com
URL: https://etandoz.com/wp-content/themes/newspaper-lite/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://etandoz.com
Referer: https://etandoz.com/wp-content/themes/newspaper-lite/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
last-modified: Mon, 28 Sep 2020 08:04:42 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 77160
expires: Sat, 28 Nov 2020 09:44:40 GMT

GET
H2 200 l.svg
www.ezodn.com/utilcave_com/ 965 B
1 KB 40ms
14ms Image
image/svg+xml 2606:4700:3036::6812:3689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ezodn.com/utilcave_com/l.svg
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:3689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cc19c02d87c3360d404c6dcf6e7982304f5e54abda4209de7a3bc44d3c54883

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 271392
x-middleton-display: staticcontent_sol, staticcontent_sol
x-sol: middleton
cf-request-id: 068bca150e00002bb96981b000000001
last-modified: Fri, 13 Nov 2020 23:24:56 GMT
server: cloudflare
etag: W/"3c5-5ac9ecc7b5bc0-gzip-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RZJq7Mc1brGc4klpNp%2BsiDwaqRqKLL%2FXxffZ1LgLCjS39gfZqZpkX%2BRQQYZScskXIfRMZkFOeOqAXMFAsocKWLcUl5R1mvt2N%2Fc1QArokUOVzsEYQmiHF81Y"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=604800
cf-ray: 5f597934efe52bb9-FRA
display: staticcontent_sol, staticcontent_sol
expires: Wed, 25 Nov 2020 06:21:28 GMT

GET
H2 200 diwali-53.jpg
etandoz.com/wp-content/uploads/2020/10/ 23 KB
23 KB 353ms
51ms Image
image/jpeg 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etandoz.com/wp-content/uploads/2020/10/diwali-53.jpg
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: 485304633becb4f63b4478dbda0941ad068f683a84a41f36491ec4b1325d7c45

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
last-modified: Sat, 03 Oct 2020 08:37:25 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 23136
expires: Sat, 28 Nov 2020 09:44:40 GMT

GET
H2 200 diwali-51-1210x642.jpg
etandoz.com/wp-content/uploads/2020/10/ 78 KB
78 KB 359ms
58ms Image
image/jpeg 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etandoz.com/wp-content/uploads/2020/10/diwali-51-1210x642.jpg
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: 7b6c18953b125345d4e72676243ab9906b17fda1b925ffc9cbebf1d3aeff0ac9

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
last-modified: Sat, 03 Oct 2020 08:16:43 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 80015
expires: Sat, 28 Nov 2020 09:44:40 GMT

GET
H2 200 diwali-45.jpg
etandoz.com/wp-content/uploads/2020/10/ 32 KB
32 KB 381ms
80ms Image
image/jpeg 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etandoz.com/wp-content/uploads/2020/10/diwali-45.jpg
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: 77823d90004f02da5cf3f7c8cf199ced141babfb81606c5329101e0f3ec4e4c8

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
last-modified: Fri, 02 Oct 2020 16:03:28 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 32647
expires: Sat, 28 Nov 2020 09:44:40 GMT

GET
H2 200 diwali-42.jpg
etandoz.com/wp-content/uploads/2020/10/ 12 KB
12 KB 397ms
96ms Image
image/jpeg 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etandoz.com/wp-content/uploads/2020/10/diwali-42.jpg
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: ff0e43ae4e799c9ded0320c3fe982045373b42aac2ca114966566d4ca54bf490

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
last-modified: Fri, 02 Oct 2020 15:45:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11973
expires: Sat, 28 Nov 2020 09:44:40 GMT

GET
H2 200 diwali-1.png
etandoz.com/wp-content/uploads/2020/10/ 42 KB
42 KB 398ms
96ms Image
image/png 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etandoz.com/wp-content/uploads/2020/10/diwali-1.png
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: 474680bdf7c61617f80ef117ecc09ff5c074bf91fa22d160edab08765e48216c

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
last-modified: Fri, 02 Oct 2020 15:11:56 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 43116
expires: Sat, 28 Nov 2020 09:44:40 GMT

GET
H2 200 diwali-38-1200x642.jpg
etandoz.com/wp-content/uploads/2020/10/ 63 KB
63 KB 402ms
101ms Image
image/jpeg 173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etandoz.com/wp-content/uploads/2020/10/diwali-38-1200x642.jpg
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: 8072d2fdc3e9070342609d285bbb46d4072a6180c04783786ef5e118caa94b6a

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
last-modified: Fri, 02 Oct 2020 14:45:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 64534
expires: Sat, 28 Nov 2020 09:44:40 GMT

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
57 B 61ms
46ms Image
image/gif 2a00:1450:4001:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=476505992&utmhn=etandoz.com&utme=8(template*t*rid*bra)9(pub_site*134*0*mod21-c)11(3!2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Etandoz%20-%20Happy%20Diwali%20-%20Diwali%20Celebrations%20-%20Diwali%20Quotes%20-%20Diwali%202020&utmhid=2122893375&utmr=-&utmp=%2F&utmht=1605951880547&utmac=UA-131156852-28&utmcc=__utma%3D242257238.983744617.1605951881.1605951881.1605951881.1%3B%2B__utmz%3D242257238.1605951881.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=650032085&utmredir=1&utmmt=1&utmu=iTAgAAAAACAAAAAAAAAAAABE~

Requested by

Host: etandoz.com
URL: https://etandoz.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Nov 2020 09:44:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
378 B 60ms
46ms Image
image/gif 2a00:1450:4001:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=2019809190&utmhn=etandoz.com&utme=8(template*domain)9(pub_site*etandoz.com)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Etandoz%20-%20Happy%20Diwali%20-%20Diwali%20Celebrations%20-%20Diwali%20Quotes%20-%20Diwali%202020&utmhid=2122893375&utmr=-&utmp=%2F&utmht=1605951880550&utmac=UA-38339005-1&utmcc=__utma%3D242257238.983744617.1605951881.1605951881.1605951881.1%3B%2B__utmz%3D242257238.1605951881.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=931054363&utmredir=1&utmmt=1&utmu=iTAgAAAAACAAAAAAAAAAAABE~

Requested by

Host: etandoz.com
URL: https://etandoz.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Nov 2020 09:44:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2020111701.js Show response
securepubads.g.doubleclick.net/gpt/ 277 KB
98 KB 153ms
113ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

68963209b16bd2a387c310495d51021d2fc57e5df9cb87ac98a0505c0daeca43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Nov 2020 09:43:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99766
x-xss-protection: 0
expires: Sat, 21 Nov 2020 09:44:40 GMT

GET
H2 200 imp.gif
g.ezoic.net/detroitchicago/ 43 B
117 B 229ms
228ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A0%2C%22ad_lazyload_version%22%3A4%2C%22ad_location_ids%22%3A%225%2C1%2C0%2C35%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A4%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A5%2C%22city%22%3A%22Vienna%22%2C%22country%22%3A%22AT%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A3%2C%22domain_id%22%3A163104%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22forensiq_score%22%3A-1%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22391%22%2C%22iab_category_1%22%3A%22413%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221100%2C1105%2C1124%2C1125%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22bcbff65b-e198-4141-7bc1-05b67f21bc78%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%221210%22%2C%22pv_event_count%22%3A0%2C%22response_time_orig%22%3A0%2C%22serverid%22%3A%223.125.19.78%3A25335%22%2C%22state%22%3A%229%22%2C%22sub_page_ad_positions%22%3A%221100%2C1105%2C1124%2C1125%22%2C%22t_epoch%22%3A1605951878%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fetandoz.com%2F%22%2C%22user_id%22%3A0%2C%22visit_uuid%22%3A%2252bb0e15-81a1-426f-6287-bbaabefb797f%22%2C%22word_count%22%3A2412%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 47

GET
H2 200 anaheim.js Show response
g.ezoic.net/detroitchicago/ 665 B
369 B 96ms
96ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/anaheim.js?gcb=2&cb=1
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: c090c938bbe4c0ed91065ff339cc4799f3758b9c1df20af104ac749ec285f97e

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 337

GET
H2 200 ezosuigenerisc.js Show response
g.ezoic.net/ 0
54 B 95ms
95ms Script
text/html 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezosuigenerisc.js?nogen=1
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
cache-control: max-age=300, private
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 greenoaks.gif
g.ezoic.net/detroitchicago/ 43 B
152 B 95ms
95ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiY2JmZjY1Yi1lMTk4LTQxNDEtN2JjMS0wNWI2N2YyMWJjNzgiLCJkb21haW5faWQiOiIxNjMxMDQiLCJ0X2Vwb2NoIjoxNjA1OTUxODc4LCJkYXRhIjpbeyJuYW1lIjoidW5pdmVyc2FsX3VzZXJfaWQiLCJ2YWwiOiJjNThiY2MxNDQwMWMyY2Q0ODBkNjc0NGQ2NTRhYzRlMCJ9XX1d
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:40 UTC

GET
H2 200 nmash.js Show response
g.ezoic.net/porpoiseant/ 22 KB
5 KB 94ms
93ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/porpoiseant/nmash.js?v=92
Requested by: Host: g.ezoic.net
URL: https://g.ezoic.net/porpoiseant/banger.js?cb=191-2&bv=92&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 67d096296b53e2a0180360a9301d36ad6abbc718d98d7a0204719169d63274bd

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
last-modified: Fri, 13 Nov 2020 23:24:56 GMT
server: nginx/1.16.0
etag: "5769-5b405561b0200;5b405561b0200-gzip"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
218 B 116ms
41ms XHR
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156983/3085/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://etandoz.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
541 B 164ms
53ms XHR
application/json 52.17.253.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156983/3085/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.253.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-253-7.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f8561f20143672d030a9af6685615d626da2be6e45f01a006bf1facbe617f331

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://etandoz.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Mon, 21 Dec 2020 09:44:40 GMT

GET
H2 200 localstore.js Show response
script.4dex.io/ 450 B
987 B 46ms
32ms Script
application/javascript 2606:4700:e2::ac40:8720
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: g.ezoic.net
URL: https://g.ezoic.net/porpoiseant/dall3700test.js?cb=191-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8720 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1359
x-amz-request-id: 0799080C80B05F89
x-amz-id-2: zkDkLkPt4FCGNaGYxQl5ABhtIsCtsazkXVnTDi/SUnx09e/ZlVtN2u1wcWmUyvbGb+UIFOQyOYI=
last-modified: Mon, 14 Sep 2020 09:32:14 GMT
server: cloudflare
etag: W/"bfa52622781c173885812009122c3f7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Vv2B23ZXZDToSFQMydEFcQPRWwaTvJQIViuvDpxBMzzJfPTX5hQFmFkZvw6VxpfKGoMSQ%2F5yfuXFpiBaMM8FPj7rkCTE9qOKtEI2BkqK1pLb%2FyG6jrdV9woM6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-request-id: 068bca160d00000605eb1a6000000001
cf-ray: 5f5979367a740605-FRA

GET
H2 200 freewheel-mapping.json Show response
cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/ 14 KB
2 KB 21ms
5ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/freewheel-mapping.json

Requested by

Host: g.ezoic.net
URL: https://g.ezoic.net/porpoiseant/dall3700test.js?cb=191-2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 26325
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 1386
etag: W/"36b6-ffkBzh2j6c/gCM5tBPQMcNXdZI8"
x-served-by: cache-fra19151-FRA, cache-hhn4038-HHN
date: Sat, 21 Nov 2020 09:44:40 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
442 B 113ms
49ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: g.ezoic.net
URL: https://g.ezoic.net/porpoiseant/dall3700test.js?cb=191-2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.254 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://etandoz.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H/1.1 204
No Content hb Show response
hb.undertone.com/ 0
847 B 796ms
194ms XHR
text/plain 52.8.73.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=4009&domain=etandoz.com&gdpr=0&gdprstr=
Requested by: Host: g.ezoic.net
URL: https://g.ezoic.net/porpoiseant/dall3700test.js?cb=191-2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.73.135 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-73-135.us-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 21 Nov 2020 09:44:41 GMT
x-envoy-decorator-operation: ramp-lift-request-service.ramplift-v2-p-us-west-1.svc.cluster.local:80/*
server: istio-envoy
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://etandoz.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
Connection: keep-alive
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 289 B
845 B 197ms
82ms XHR
application/json 18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20904&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.ai%2C3d4d88f6a0e3879d90adc17ce6185070%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fetandoz.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=https%3A%2F%2Fetandoz.com%2F&ns=10240
Requested by: Host: g.ezoic.net
URL: https://g.ezoic.net/porpoiseant/dall3700test.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 45889999142b356acbb9554474ae2f2480398cb20b969ce57655b8828834b191

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://etandoz.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 289 B
844 B 197ms
82ms XHR
application/json 18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20886&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.ai%2C3d4d88f6a0e3879d90adc17ce6185070%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fetandoz.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=https%3A%2F%2Fetandoz.com%2F&ns=10240
Requested by: Host: g.ezoic.net
URL: https://g.ezoic.net/porpoiseant/dall3700test.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 781d6fd1dc6d3b359f3d9446968a414b8f22b134149ffddfc380f1e7c3af7f3c

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://etandoz.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 289 B
845 B 191ms
76ms XHR
application/json 18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20829&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.ai%2C3d4d88f6a0e3879d90adc17ce6185070%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fetandoz.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=https%3A%2F%2Fetandoz.com%2F&ns=10240
Requested by: Host: g.ezoic.net
URL: https://g.ezoic.net/porpoiseant/dall3700test.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fe770e1899813ba29394b0ec8ef94ff1a161ddc37e20d7074180232976ec0ae9

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://etandoz.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 289 B
842 B 195ms
81ms XHR
application/json 18.200.32.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20851&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.ai%2C3d4d88f6a0e3879d90adc17ce6185070%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fetandoz.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=https%3A%2F%2Fetandoz.com%2F&ns=10240
Requested by: Host: g.ezoic.net
URL: https://g.ezoic.net/porpoiseant/dall3700test.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.32.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-32-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 611897c7cfdda8769e28fdffc2eea1a70615431ad66158e03eb43f0f4daf6bea

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://etandoz.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/215626/0/ 0
268 B 197ms
48ms XHR
text/plain 213.19.147.210
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/215626/0/mvo?z=1r&hbv=3.27,2.1
Requested by: Host: g.ezoic.net
URL: https://g.ezoic.net/porpoiseant/dall3700test.js?cb=191-2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://etandoz.com
Pragma: no-cache
Date: Sat, 21 Nov 2020 09:44:40 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 37 KB
12 KB 224ms
147ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: g.ezoic.net
URL: https://g.ezoic.net/porpoiseant/dall3700test.js?cb=191-2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

6789cb85ff91dc894b176b6f6d113341214aa0592aa86e3dcf74c7a445584cf6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 21 Nov 2020 09:44:40 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.250:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 898cedcf-68d5-4e29-b2e4-5bae0487af54
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://etandoz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
141 B 125ms
41ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=3.27.0&cb=83739427412
Requested by: Host: g.ezoic.net
URL: https://g.ezoic.net/porpoiseant/dall3700test.js?cb=191-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://etandoz.com
date: Sat, 21 Nov 2020 09:44:40 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 greenoaks.gif
g.ezoic.net/detroitchicago/ 43 B
77 B 43ms
43ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiY2JmZjY1Yi1lMTk4LTQxNDEtN2JjMS0wNWI2N2YyMWJjNzgiLCJkb21haW5faWQiOiIxNjMxMDQiLCJ0X2Vwb2NoIjoxNjA1OTUxODc4LCJkYXRhIjpbeyJuYW1lIjoiZXh0X3VzZXJfaGFzaCIsInZhbCI6Ik5UIn1dfV0=
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:40 UTC

GET
H2

200

/ Show response
etandoz.com/
Redirect Chain

https://etandoz.com/ezoic/anchorfix.js?cb=191-2
https://etandoz.com/

173 KB
32 KB

1442ms
1139ms

Script
text/html

173.249.24.142
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://etandoz.com/
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.24.142 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: server1.symbolhost.org
Software: LiteSpeed /
Resource Hash: 97f89af5c09a23fbbdd1ef04e436d1b99b58617a3b6cc4940146af9d6aff2347

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:43 GMT
content-encoding: br
pagespeed: off
x-sol: pub_site
server: LiteSpeed
display: pub_site_sol
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
x-middleton-display: pub_site_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
link: <https://etandoz.com/wp-json/>; rel="https://api.w.org/"
expires: Fri, 20 Nov 2020 09:44:43 GMT

Redirect headers

date: Sat, 21 Nov 2020 09:44:41 GMT
server: LiteSpeed
http_code: HTTP/2 200
x-redirect-by: WordPress
vary: Accept-Encoding
content-type: application/javascript
location: https://etandoz.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 879
expires: Wed, 11 Jan 1984 05:00:00 GMT, Sun, 21 Nov 2021 09:44:41 GMT

GET
H2 200 edmonton.webp Show response
g.ezoic.net/detroitchicago/ 14 KB
4 KB 44ms
44ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/edmonton.webp?a=a&cb=191-2&shcb=34
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 997e1fbf8331c9f3af1ff0ace8c73754cbfce4c143c785b7bc44dbcead23576e

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
server: nginx/1.16.0
cache-control: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript

GET
H2 200 jellyfish.webp Show response
g.ezoic.net/porpoiseant/ 58 KB
11 KB 92ms
92ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/porpoiseant/jellyfish.webp?a=a&cb=191-2&shcb=34
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 0001e893552b1e9805eaf2cfe9b6867ddb916e2213083d8d1513aa3e2ee2dd78

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
server: nginx/1.16.0
cache-control: max-age=31536000
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/ 231 KB
87 KB 75ms
61ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88601
x-xss-protection: 0
server: cafe
etag: 4353532171737760018
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Nov 2020 09:44:40 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/ Frame 5218 0
0 24ms
5ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201112/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://etandoz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://etandoz.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 21 Nov 2020 01:33:36 GMT
expires: Sat, 05 Dec 2020 01:33:36 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 29464
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 90 KB
32 KB 63ms
53ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: etandoz.com
URL: https://etandoz.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b502d47f3322506391caadc21225ecae1dc4286c62ddb753ef10cfb357625801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32330
x-xss-protection: 0
server: cafe
etag: 3390310256420484827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 21 Nov 2020 09:44:40 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
92 B 19ms
18ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A7.8.1&blog=161195524&post=0&tz=0&srv=etandoz.com&host=etandoz.com&ref=&fcp=3735&rand=0.8988658905090963
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 adagio.js Show response
script.4dex.io/ 64 KB
19 KB 80ms
53ms Fetch
application/javascript 2606:4700:e2::ac40:8720
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8720 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7ad73139b27b21cca9b44cf9c3372a5e87d96a2733ea8b291226bb46df95bc3

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 61154888CB4ABC31
access-control-allow-methods: GET
x-amz-id-2: tK50GKuMTUFoaqzWPTxP3v8bwv00PHlYiaTn0EcI6G/ZtWooxbaG8oi2bI41aBCmp2do/L37x8A=
last-modified: Mon, 14 Sep 2020 09:32:12 GMT
server: cloudflare
etag: W/"71c0e5f7067bdadc5d565e8027f77ec3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=extkF1b7kWxrS2XZn%2Fk4yHzsZChrItyg5jbuX48UcCdGjll8pTduqQ8uzzEQ7qRx6otiae%2BOWRSjQOmOVulnkmb5HMTsv0Vt606Ou3fxE8EJUigHSeyROtjUug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-request-id: 068bca16a00000e003b91a0000000001
cf-ray: 5f5979376dc2e003-FRA

GET
H2 200 integrator.js Show response
adservice.google.at/adsid/ 109 B
803 B 47ms
15ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.at/adsid/integrator.js?domain=etandoz.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
781 B 44ms
31ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=etandoz.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 203 KB
98 KB 1560ms
1560ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1067106022744905&correlator=4069097526442491&output=ldjh&impl=fif&eid=21068728%2C21068031%2C21068418&vrg=2020111701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201121&iu_parts=1254144%2Cetandoz_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C200x200%7C180x150%7C300x250%7C320x50%7C120x240%7C970x90%7C970x250%7C125x125%7C234x60%7C250x250%7C468x60%7C320x100&fluid=height&prev_scp=iid3%3D268903%26t%3D134%26d%3D163104%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26a%3D%257C5%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Detandoz_com-box-2-268903%26eb_br%3D3530fcb6bcc13dc3c1712eaef7d92700%26eba%3D1%26asau%3D5654508248%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26acptad%3D1%26ft%3D1%26br1%3D160%26br2%3D80%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%252C14%252C0%252C4%252C97%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26&cookie_enabled=1&bc=31&abxe=1&lmt=1605951880&dt=1605951880889&dlt=1605951878434&idt=2424&frm=20&biw=1600&bih=1200&oid=3&adxs=200&adys=114&adks=2000855208&ucis=1&sps=channel,,3980499387|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,20929A|color_text,,000000|color_url,,F0F0F0&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fetandoz.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x98&msz=1200x90&ga_vid=983744617.1605951881&ga_sid=1605951881&ga_hid=2122893375&ga_fc=true&ga_wpids=UA-131156852-28&fws=4&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

90782932720d45af116fb069cae0fc65aaf004aa95c6b6d22698f5f9136310da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99801
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://etandoz.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
65c9fe1fee852fa08a5545d208c67b1d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 72ms
39ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://65c9fe1fee852fa08a5545d208c67b1d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 450 B
716 B 416ms
416ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1067106022744905&correlator=4069097526442491&output=ldjh&impl=fif&eid=21068728%2C21068031%2C21068418&vrg=2020111701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201121&iu_parts=1254144%2Cetandoz_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=iid3%3D258850%26t%3D134%26d%3D163104%26t1%3D134%26pvc%3D0%26ap%3D1124%26sap%3D1124%26a%3D%257C252%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Detandoz_com-box-1-258850%26eb_br%3D57914c3716312cb7e954090f0717ea25%26eba%3D1%26asau%3D5654508248%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D2%26acptad%3D1%26ft%3D1%26br1%3D260%26br2%3D140%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%252C14%252C0%252C4%252C97%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26&cookie_enabled=1&bc=31&abxe=1&lmt=1605951880&dt=1605951880899&dlt=1605951878434&idt=2424&frm=20&biw=1600&bih=1200&oid=3&adxs=1077&adys=572&adks=1638364331&ucis=2&sps=channel,,3980499387|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,FF6600|color_text,,000000|color_url,,FF6600&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fetandoz.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=315x274&msz=302x252&ga_vid=983744617.1605951881&ga_sid=1605951881&ga_hid=2122893375&ga_fc=true&ga_wpids=UA-131156852-28&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

c5af0d1449845c496368405a47ab0c6e07563772764e74b3f7782151b2c20730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://etandoz.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 464 B
274 B 727ms
726ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1067106022744905&correlator=4069097526442491&output=ldjh&impl=fif&eid=21068728%2C21068031%2C21068418&vrg=2020111701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201121&iu_parts=1254144%2Cetandoz_com-large-leaderboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=iid4%3D301151%26t%3D134%26d%3D163104%26t1%3D134%26pvc%3D0%26ap%3D1125%26sap%3D1125%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1035%26compid%3D0%26tap%3Detandoz_com-large-leaderboard-1-301151%26eb_br%3D90c3c48d0172916d27c102ea4aa9d49c%26eba%3D1%26asau%3D5654508248%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D2%26ft%3D1%26br1%3D300%26br2%3D160%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%252C13%252C120%252C67%252C51%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26&cookie_enabled=1&bc=31&abxe=1&lmt=1605951880&dt=1605951880902&dlt=1605951878434&idt=2424&frm=20&biw=1600&bih=1200&oid=3&adxs=1077&adys=2394&adks=3270114495&ucis=3&sps=channel,,3980499387|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fetandoz.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=315x274&msz=302x252&ga_vid=983744617.1605951881&ga_sid=1605951881&ga_hid=2122893375&ga_fc=true&ga_wpids=UA-131156852-28&fws=4&ohw=302&btvi=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

397690de4cf308d2708b609ad5bc5fd2433039ae76ed53db257f068de69cbaed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 239
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://etandoz.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 97 KB
29 KB 1110ms
1110ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1067106022744905&correlator=4069097526442491&output=ldjh&impl=fif&eid=21068728%2C21068031%2C21068418&vrg=2020111701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201121&iu_parts=1254144%2Cetandoz_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&prev_scp=iid3%3D275653%26t%3D134%26d%3D163104%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C251%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Detandoz_com-medrectangle-2-275653%26eb_br%3D90c3c48d0172916d27c102ea4aa9d49c%26eba%3D1%26asau%3D5654508248%26bv%3D5%26bvm%3D0%26bvr%3D5%26shp%3D1%26ft%3D1%26br1%3D300%26br2%3D140%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%252C0%252C28%252C67%252C45%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26&cookie_enabled=1&bc=31&abxe=1&lmt=1605951880&dt=1605951880904&dlt=1605951878434&idt=2424&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1100&adks=3401999956&ucis=4&sps=channel,,3980499387|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,0C9C11|color_text,,000000|color_url,,0C9C11&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fetandoz.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=983744617.1605951881&ga_sid=1605951881&ga_hid=2122893375&ga_fc=true&ga_wpids=UA-131156852-28&fws=516&ohw=970&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

aa265f0c78d6c94ff3fdb8e12d48dec191495c0872b56b8debfdb749811df39f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_970x90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_970x90.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMWxuPusk-0CFQXFuwgdRpAAyA&gqi=&layout=/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_970x90.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_970x90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_970x90.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMWxuPusk-0CFQXFuwgdRpAAyA&gqi=&layout=/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_970x90.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28995
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sat, 21 Nov 2020 09:44:41 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://etandoz.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 greenoaks.gif
g.ezoic.net/detroitchicago/ 43 B
77 B 43ms
43ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiY2JmZjY1Yi1lMTk4LTQxNDEtN2JjMS0wNWI2N2YyMWJjNzgiLCJkb21haW5faWQiOiIxNjMxMDQiLCJ0X2Vwb2NoIjoxNjA1OTUxODc4LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYmNiZmY2NWItZTE5OC00MTQxLTdiYzEtMDViNjdmMjFiYzc4IiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidF9lcG9jaCI6MTYwNTk1MTg3OCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjAtMTEtMjEifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI2In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii02MCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImRvbWFpbl9pZCI6IjE2MzEwNCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImRvbWFpbl9pZCI6IjE2MzEwNCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfV0=
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:40 UTC

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
640 B 118ms
42ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=etandoz.com&callback=_gfp_s_&client=ca-pub-6396844742497208

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

0b05aab2d178ca0b7d17c7ba9231fc686f1e3479c3ea4c10d8e5eb6c2be4c7e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 15ms
15ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fetandoz.com%2F&tn=DIV&id=ezmobfooter&cls=ezmob-footer%20ezoic-floating-bottom%20ezo_ad%20ezmob-footer-desktop&ign=false

Requested by

Host: etandoz.com
URL: https://etandoz.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Nov 2020 09:44:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame D104 0
0 79ms
79ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-6396844742497208&output=html&adk=1812271804&adf=3025194257&lmt=1605951880&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A16810120%2C2%3A32904%2C8%3A128%2C9%3A32904%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fetandoz.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605951880801&bpp=4&bdt=2367&idt=146&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4337236543430&frm=20&pv=2&ga_vid=983744617.1605951881&ga_sid=1605951881&ga_hid=2122893375&ga_fc=1&ga_wpids=UA-131156852-28&iag=0&icsg=3421732450860994&dssz=100&mdo=0&mso=2048&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431&oid=3&pvsid=1067106022744905&pem=317&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=164

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-6396844742497208&output=html&adk=1812271804&adf=3025194257&lmt=1605951880&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A16810120%2C2%3A32904%2C8%3A128%2C9%3A32904%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fetandoz.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605951880801&bpp=4&bdt=2367&idt=146&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4337236543430&frm=20&pv=2&ga_vid=983744617.1605951881&ga_sid=1605951881&ga_hid=2122893375&ga_fc=1&ga_wpids=UA-131156852-28&iag=0&icsg=3421732450860994&dssz=100&mdo=0&mso=2048&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431&oid=3&pvsid=1067106022744905&pem=317&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=164
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://etandoz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://etandoz.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 21 Nov 2020 09:44:41 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 21-Nov-2020 09:59:40 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sat, 21 Nov 2020 09:44:41 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Sat, 21 Nov 2020 09:44:40 GMT

GET
H2 200 greenoaks.gif
g.ezoic.net/detroitchicago/ 43 B
123 B 44ms
43ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiY2JmZjY1Yi1lMTk4LTQxNDEtN2JjMS0wNWI2N2YyMWJjNzgiLCJkb21haW5faWQiOiIxNjMxMDQiLCJ0X2Vwb2NoIjoxNjA1OTUxODc4LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfcmVxdWVzdCIsInZhbCI6IjI4NzcifV19XQ==
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:41 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:41 UTC

GET
H3-Q050 200 container.html
65c9fe1fee852fa08a5545d208c67b1d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 83E0 0
0 35ms
21ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://65c9fe1fee852fa08a5545d208c67b1d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 65c9fe1fee852fa08a5545d208c67b1d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://etandoz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://etandoz.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Sat, 21 Nov 2020 09:44:40 GMT
expires: Sun, 21 Nov 2021 09:44:40 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
93 B 135ms
43ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: g.ezoic.net
URL: https://g.ezoic.net/porpoiseant/banger.js?cb=191-2&bv=92&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 21 Nov 2020 09:44:42 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 greenoaks.gif
g.ezoic.net/detroitchicago/ 43 B
100 B 43ms
42ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiY2JmZjY1Yi1lMTk4LTQxNDEtN2JjMS0wNWI2N2YyMWJjNzgiLCJkb21haW5faWQiOiIxNjMxMDQiLCJ0X2Vwb2NoIjoxNjA1OTUxODc4LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjM1OTUifV19XQ==
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:40 UTC

GET
H2 200 army.gif
g.ezoic.net/porpoiseant/ 43 B
77 B 45ms
44ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjc1NjUzIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjc1NjUzIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiI5MGMzYzQ4ZDAxNzI5MTZkMjdjMTAyZWE0YWE5ZDQ5YyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjc1NjUzIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMywiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyNzU2NTMiLCJkb21haW5faWQiOiIxNjMxMDQiLCJ1bml0IjoiZGl2LWdwdC1hZC1ldGFuZG96X2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYwNTk1MTg3OCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJBVCIsInBhZ2V2aWV3X2lkIjoiYmNiZmY2NWItZTE5OC00MTQxLTdiYzEtMDViNjdmMjFiYzc4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQzOCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDM0NDM4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyNzU2NTMiLCJkb21haW5faWQiOiIxNjMxMDQiLCJ1bml0IjoiZGl2LWdwdC1hZC1ldGFuZG96X2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYwNTk1MTg3OCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJBVCIsInBhZ2V2aWV3X2lkIjoiYmNiZmY2NWItZTE5OC00MTQxLTdiYzEtMDViNjdmMjFiYzc4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQzOCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:41 UTC

GET
H2 200 army.gif
g.ezoic.net/porpoiseant/ 43 B
77 B 46ms
45ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjc1NjUzIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIwLTExLTIxIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTAifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNiJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItNjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:41 UTC

GET
H2 200 army.gif
g.ezoic.net/porpoiseant/ 43 B
77 B 48ms
47ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMjc1NjUzIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImF1Y3Rpb25fZXBvY2giOjE2MDU5NTE4ODIsImFkX3Bvc2l0aW9uIjoxMTAwLCJjb3VudHJ5X2NvZGUiOiJBVCIsInBhZ2V2aWV3X2lkIjoiYmNiZmY2NWItZTE5OC00MTQxLTdiYzEtMDViNjdmMjFiYzc4IiwiYmlkX2Zsb29yX2luaXRpYWwiOjMwMCwiYmlkX2Zsb29yX3ByZXYiOm51bGwsImJpZF9mbG9vcl9maWxsZWQiOjMwMCwiYXVjdGlvbl9jb3VudCI6MSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6MTE2MCwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:41 UTC

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame B9B1 180 KB
50 KB 36ms
13ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 588489
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame B9B1 13 KB
5 KB 35ms
12ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 588489
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame B9B1 90 KB
28 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 588489
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame B9B1 72 KB
16 KB 40ms
18ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ed84e4aa1f7fe5f0907cb64ee40941cf5cf83395e98292472157d2be68dbdd7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 107739
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16597
x-xss-protection: 0
server: sffe
date: Fri, 20 Nov 2020 03:49:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9b07487c3da4c1d6"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Nov 2021 03:49:03 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame B9B1 3 KB
1 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 588484
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:38 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame B9B1 41 KB
13 KB 37ms
15ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 588489
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
DATA 200
OK truncated
/ Frame B9B1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 661a73094cc5203e58f1d95dc2e3aa0e745baa3bdc1223881254fd64521920a7

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B9B1 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: etandoz.com
URL: https://etandoz.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 81344
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 21 Nov 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B9B1 295 B
565 B 8ms
7ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: etandoz.com
URL: https://etandoz.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 22:32:01 GMT
x-content-type-options: nosniff
server: cafe
age: 40361
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 21 Nov 2020 22:32:01 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame B9B1 0
0 14ms
13ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFfIQJZiKdt8ydQ4T1pWV0Q15NRjYO9R1qAkAmB7rufdf5Ddyl6EiYqus7Y0_tuJAdSHb4
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B9B1 0
0 45ms
44ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C7oHqieG4X6L_O4Sv7_UPiamWyAm7itKXYIDso4rKDJ3M_d8FEAEg9PnGJWCpsL6AzAGgAZG62vsCyAEJqQKJ7uhjJOSzPuACAKgDAcgDCKoEvwFP0G77Zh6NkI0cY6kRRC3dSfUXufKZOIAMsHWwE0WNT2rS1TBb1G6C-vHbeA36rpqZkxgAzzm0ovmNyUwMNHrl8Gt3y5tsbz-kRRw2dKb7Lh25pU9fqix8GQV8vtCX37iXw4sKM7TwiDrRBn66xWTA5vfuL5vOFKyu_OHUou1m7xH_0wCuVJktMqDxe2YnnXmHDGB7oBAtqpnBxRWy-NZ2SSPYIIfV-NgkVT9aCVBj6mkeA6zo-ShH9vy0cbxZosAE4pPcypQD4AQBkgUECAQYAZIFBAgFGASgBi6AB9fFpYQBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEN_KedIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tNjE3NDA0NTcyMTA1NDkwN4AKA8gLAdgTDbIXGgoYCAESFHB1Yi02Mzk2ODQ0NzQyNDk3MjA4&sigh=LtxXH1-wB5I&template_id=419&tpd=AGWhJmuNU7uPGA1DgGk0FgowxPoLvmHt-rpsWqvZM5M360dn8A
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame B9B1 54 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51cb314e9b843ea3d1fd1b52e9f760aab7e99028ac5330b712feeb0164a63c6f

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B9B1 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45a3a31804d386e5fb9410421c32284455bf6d434c6051f68cf1d23643c102f1

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B9B1 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3f70903456eb86877a88e3063aec8283ebb645fd5b974f0b71df25bca56af30

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
17 B 43ms
43ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: g.ezoic.net
URL: https://g.ezoic.net/porpoiseant/banger.js?cb=191-2&bv=92&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 21 Nov 2020 09:44:42 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif
g.ezoic.net/porpoiseant/ 43 B
77 B 46ms
43ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjY4OTAzIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjY4OTAzIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIzNTMwZmNiNmJjYzEzZGMzYzE3MTJlYWVmN2Q5MjcwMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjY4OTAzIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMTYsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDE2LCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJBVCIsInBhZ2V2aWV3X2lkIjoiYmNiZmY2NWItZTE5OC00MTQxLTdiYzEtMDViNjdmMjFiYzc4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQzOCwiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjI2ODkwMyIsImRvbWFpbl9pZCI6IjE2MzEwNCIsInVuaXQiOiJkaXYtZ3B0LWFkLWV0YW5kb3pfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjA1OTUxODc4LCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkFUIiwicGFnZXZpZXdfaWQiOiJiY2JmZjY1Yi1lMTk4LTQxNDEtN2JjMS0wNWI2N2YyMWJjNzgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDM4LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ0MzgifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjI2ODkwMyIsImRvbWFpbl9pZCI6IjE2MzEwNCIsInVuaXQiOiJkaXYtZ3B0LWFkLWV0YW5kb3pfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjA1OTUxODc4LCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkFUIiwicGFnZXZpZXdfaWQiOiJiY2JmZjY1Yi1lMTk4LTQxNDEtN2JjMS0wNWI2N2YyMWJjNzgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDM4LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:41 UTC

GET
H2 200 army.gif
g.ezoic.net/porpoiseant/ 43 B
77 B 46ms
44ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjY4OTAzIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIwLTExLTIxIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTAifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNiJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItNjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:42 UTC

GET
H2 200 army.gif
g.ezoic.net/porpoiseant/ 43 B
100 B 45ms
43ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMjY4OTAzIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImF1Y3Rpb25fZXBvY2giOjE2MDU5NTE4ODMsImFkX3Bvc2l0aW9uIjoxMTA1LCJjb3VudHJ5X2NvZGUiOiJBVCIsInBhZ2V2aWV3X2lkIjoiYmNiZmY2NWItZTE5OC00MTQxLTdiYzEtMDViNjdmMjFiYzc4IiwiYmlkX2Zsb29yX2luaXRpYWwiOjE2MCwiYmlkX2Zsb29yX3ByZXYiOm51bGwsImJpZF9mbG9vcl9maWxsZWQiOjE2MCwiYXVjdGlvbl9jb3VudCI6MSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6MTY0OSwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:42 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:42 UTC

GET
H2 200 v1 Show response
prebid.digitru.st/id/ 425 B
1 KB 77ms
31ms XHR
application/json 2600:9000:2104:1600:a:d79f:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.digitru.st/id/v1
Requested by: Host: g.ezoic.net
URL: https://g.ezoic.net/porpoiseant/dall3700test.js?cb=191-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:1600:a:d79f:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9fb7df21c9e4c85d23a70a25b4823a85b7a7c617fbae015cfce65a5779fa9e2d

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 21 Nov 2020 09:44:42 GMT
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS1-C1
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, OPTIONS
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://etandoz.com
cache-control: private, max-age=15552000
access-control-allow-credentials: true
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/json
content-length: 425
x-amz-cf-id: sL2_fk5lzJSy-XT6iVSTtLAGsRACo8x9JcFvPKHpIzBiRdQoHCXmsg==

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B9B1 2 KB
2 KB 6ms
5ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 81344
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 21 Nov 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B9B1 295 B
320 B 6ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Nov 2020 22:32:01 GMT
x-content-type-options: nosniff
server: cafe
age: 40361
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 21 Nov 2020 22:32:01 GMT

GET
H2 200 army.gif
g.ezoic.net/porpoiseant/ 43 B
123 B 77ms
75ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjc1NjUzIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:43 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:43 UTC

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/ 35 B
109 B 6ms
6ms Image
image/gif 2a00:1450:4001:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=3&utmn=1138646690&utmhn=etandoz.com&utmt=event&utme=14(6500*0*100*1210*40*430*4110*4110)(6518*0*108*1218*40*431*4110*4110)8(template*domain)9(pub_site*etandoz.com)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Etandoz%20-%20Happy%20Diwali%20-%20Diwali%20Celebrations%20-%20Diwali%20Quotes%20-%20Diwali%202020&utmhid=2122893375&utmr=-&utmp=%2F&utmht=1605951883195&utmac=UA-38339005-1&utmcc=__utma%3D242257238.983744617.1605951881.1605951881.1605951881.1%3B%2B__utmz%3D242257238.1605951881.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=iTAgAAAAACAAAAAAAAAAAABE~

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Nov 2020 19:27:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 51426
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 greenoaks.gif
g.ezoic.net/detroitchicago/ 43 B
77 B 53ms
52ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiY2JmZjY1Yi1lMTk4LTQxNDEtN2JjMS0wNWI2N2YyMWJjNzgiLCJkb21haW5faWQiOiIxNjMxMDQiLCJ0X2Vwb2NoIjoxNjA1OTUxODc4LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImRvbWFpbl9pZCI6IjE2MzEwNCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjU0MCJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiMTc1OSJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiNDAifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiMjMxMSJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjIzMzUifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiNDcxOCJ9XX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:43 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:43 UTC

GET
H2 200 greenoaks.gif
g.ezoic.net/detroitchicago/ 43 B
77 B 50ms
49ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiY2JmZjY1Yi1lMTk4LTQxNDEtN2JjMS0wNWI2N2YyMWJjNzgiLCJkb21haW5faWQiOiIxNjMxMDQiLCJ0X2Vwb2NoIjoxNjA1OTUxODc4LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfcGFpbnQiLCJ2YWwiOiIzNzM1In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYmNiZmY2NWItZTE5OC00MTQxLTdiYzEtMDViNjdmMjFiYzc4IiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidF9lcG9jaCI6MTYwNTk1MTg3OCwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiIzNzM1In1dfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:43 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:43 UTC

GET
H2 200 greenoaks.gif
g.ezoic.net/detroitchicago/ 43 B
77 B 50ms
50ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiY2JmZjY1Yi1lMTk4LTQxNDEtN2JjMS0wNWI2N2YyMWJjNzgiLCJkb21haW5faWQiOiIxNjMxMDQiLCJ0X2Vwb2NoIjoxNjA1OTUxODc4LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYmNiZmY2NWItZTE5OC00MTQxLTdiYzEtMDViNjdmMjFiYzc4IiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidF9lcG9jaCI6MTYwNTk1MTg3OCwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiIxMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImRvbWFpbl9pZCI6IjE2MzEwNCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:43 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:43 UTC

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 46ms
33ms XHR
application/json 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201112&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7b021cbd791fd3b9c1cf1bab1b606f810901e1d52a10ff25050f630c64c5096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 21 Nov 2020 09:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6752
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Sat, 21 Nov 2020 09:44:43 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 593C 0
0 7ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://etandoz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://etandoz.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Sat, 21 Nov 2020 08:51:22 GMT
expires: Sun, 21 Nov 2021 08:51:22 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3201
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
160 B 15ms
15ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201112&jk=1067106022744905&bg=!sbKlspLNAAUoamvQKFhGvjTXv1__MAIAAACpUgAAABxoAQcKAO5mN6OJMqJiWnKY9fSvzLQRyILY5DAvV5GNAGhVUIzxD8bok61QXnpVwXOrMDqAV5yCyimZb0Ghu7VBsyYWr1EraY1BM-upcXtpYsCRaoYueuvnP8gOwJNBclpT-CDyqWVRuaFHEOTrqrppEyD38oaHgh3kANnWZKYHXzgTYkLNzndmNuqFs42g87LoRzNRZumZi6iNGd-Pj25rzCRc4Brkv9y3r-yUiQLGEV_PYihv9Vh6EMaEH09N0-4XirDn5qFOs7hh-Fz5Ij9euGhFvWwxI5cSz7DeqC24li7cdqJJ5JefkwoSVRxwP8RhNhyfmQHbMODzhO439ELTk18vgtbhJKMv7_3JZ6578khaEq0pYshkNb0RX3M9aU06KptLP1INymMlM2qgqi7bOK0jaXOwO1b9OT4PhYChhjCTufaY7Fg93N65hcs7LczpLfRR9dB11GpeHGmok77NA3eDjniCqkcph3U_F5v77tKhS8xwF0QBk-xEdNH_vGGGwWjyZPz6kjE3qqQHkJtigUU7ciTqV3cVdAnU56hnrRj2FLgKxHtuIaE5WOmJd38fTcooy_gWdDR9HHuiAELnyhBPlOlONMnG1r4gN7Q78xq3Rds7tIJHos66Ra_BR9HXZLcZmkXENr12GPy1OuMdiIXkB5ZhVLIm7xf_qFwFjyUs04RkhDxktjPq1lw9tpsbQHKa9cCyS1fhkdOv5PxOeKb64tGF4oB-Nf6eBIVfaAxGgHjTwF5WxJvGJy_RTmq8MSLEc3HnOgoK9tB6mJAGcwgQU5UT3wDsQvWrW8qQqI6geJER0_umHNKDv7YCwOlqMclqJzQw9XIbMrwcCopP9Vgsxnj4xbgjaBb-l1qFl7o0tHYuTFcgBgltODGdr-6HKFldQSiwmfrDO0k7IbbFH-2vouBWhYSNr0fcKXGl9KTi3kkFk4Gs-QZ8lFDQxD7u9A

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Nov 2020 09:44:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif
g.ezoic.net/porpoiseant/ 43 B
77 B 43ms
43ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjc1NjUzIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils5NzAsOTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyNzU2NTMiLCJkb21haW5faWQiOiIxNjMxMDQiLCJ1bml0IjoiZGl2LWdwdC1hZC1ldGFuZG96X2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYwNTk1MTg3OCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJBVCIsInBhZ2V2aWV3X2lkIjoiYmNiZmY2NWItZTE5OC00MTQxLTdiYzEtMDViNjdmMjFiYzc4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQzOCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIyNzU2NTMiLCJkb21haW5faWQiOiIxNjMxMDQiLCJ1bml0IjoiZGl2LWdwdC1hZC1ldGFuZG96X2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYwNTk1MTg3OCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJBVCIsInBhZ2V2aWV3X2lkIjoiYmNiZmY2NWItZTE5OC00MTQxLTdiYzEtMDViNjdmMjFiYzc4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQzOCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxMjIifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:43 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:43 UTC

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B9B1 42 B
66 B 21ms
20ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuF-aROT0GhKqGdJpj765HyJC4K8ywzVpO_W33QNEE5wfYhSXVIPVBoWErRxj9623352761j2wJG9BqQADJkQ9fD3yo4v3Z7EBAheRJ7qHlAqtW0-lnjBJNPcivG4eBVwkOMs0Sc76D1oWlvCFyw3MD&sai=AMfl-YTw2ld_q3MLp0nM2xPtn1X3d3CzBs-Ucf1P97xGk9SQwk0tqOFk7jykj2NrQ_rwxYrhr4HfxHUw7Kpyd2wcJmHRFOVCQEK2OAEtr3pZRLMVx5vdp5GXvgddUcKsvEz6&sig=Cg0ArKJSzPw9L-VTnhRmEAE&cid=CAASPeRou17q7aGHmyfNxpgHRUp2ZzNWWHPNqAmksPMqC_rC_BCS5vDtmcGjj-HKD8hC8HRcU-LzcoCD5esiZJA&id=ampim&o=315,114&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=127&tls=1128&g=100&h=100&tt=1128&r=v&avms=ampa&adk=2000855208

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Nov 2020 09:44:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif
g.ezoic.net/porpoiseant/ 43 B
77 B 42ms
42ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjY4OTAzIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:43 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:43 UTC

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 77 KB
25 KB 46ms
16ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: g.ezoic.net
URL: https://g.ezoic.net/porpoiseant/dall3700test.js?cb=191-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6d8ffd84868d7c4232e88167eb1adc0a83d4c1f5efb41d78eb1a03127dcdb625

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:43 GMT
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 07:57:58 GMT
server: nginx
etag: W/"5fb38286-13244"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sun, 22 Nov 2020 09:44:43 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame 65AE 0
0 36ms
12ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=etandoz.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=etandoz.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://etandoz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://etandoz.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 535
date: Sat, 21 Nov 2020 09:44:43 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 77 KB
25 KB 49ms
24ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6d8ffd84868d7c4232e88167eb1adc0a83d4c1f5efb41d78eb1a03127dcdb625

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:43 GMT
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 07:57:58 GMT
server: nginx
etag: W/"5fb38286-13244"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sun, 22 Nov 2020 09:44:43 GMT

GET
H2 200 army.gif
g.ezoic.net/porpoiseant/ 43 B
123 B 44ms
43ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjY4OTAzIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils5NzAsMjUwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjY4OTAzIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjY4OTAzIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:44 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:44 UTC

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 347 B
197 B 480ms
479ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1067106022744905&correlator=2392511483057837&output=ldjh&impl=fif&adsid=NT&eid=21068728%2C21068031%2C21068418&vrg=2020111701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201121&iu_parts=1254144%2Cetandoz_com-large-leaderboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=3&rcs=1&prev_scp=iid4%3D301151%26t%3D134%26d%3D163104%26t1%3D134%26pvc%3D0%26ap%3D1125%26sap%3D1125%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1035%26compid%3D0%26tap%3Detandoz_com-large-leaderboard-1-301151%26eb_br%3D3530fcb6bcc13dc3c1712eaef7d92700%26eba%3D1%26asau%3D5654508248%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D2%26ft%3D1%26br1%3D160%26br2%3D160%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%252C13%252C120%252C67%252C51%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C17%2C20%26hb_bidder%3Doftmedia%26hb_adid%3D3266110957aee0c%26hb_pb%3D0.03%26hb_format%3Dbanner%26hb_ssid%3D10081%26lb%3D300%26reqt%3D1605951884176&eri=1&cookie=ID%3Da9dd2fd23a2dba14-2248de0142b90083%3AT%3D1605951880%3AS%3DALNI_MaK57vWIP0k4U0cPn7sMRrcLYUP9g&bc=31&abxe=1&lmt=1605951884&dt=1605951884180&dlt=1605951878434&idt=2424&frm=20&biw=1600&bih=1200&oid=3&adxs=1077&adys=2566&adks=3270114495&ucis=5&sps=channel,,3980499387|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=6&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fetandoz.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=315x274&msz=302x252&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=983744617.1605951881&ga_sid=1605951881&ga_hid=2122893375&ga_fc=true&ga_wpids=UA-131156852-28&fws=4&ohw=302&btvi=2&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

f5dbd2288a8fa5a5ab35a839b96abe3ba72115f1980c64462bd9f1ea0dd2d69f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://etandoz.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 96 KB
29 KB 477ms
476ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1067106022744905&correlator=2837874500783598&output=ldjh&impl=fif&adsid=NT&eid=21068728%2C21068031%2C21068418&vrg=2020111701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201121&iu_parts=1254144%2Cetandoz_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=3&rcs=1&prev_scp=iid3%3D258850%26t%3D134%26d%3D163104%26t1%3D134%26pvc%3D0%26ap%3D1124%26sap%3D1124%26a%3D%257C252%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21-c%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Detandoz_com-box-1-258850%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26asau%3D5654508248%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D2%26acptad%3D1%26ft%3D1%26br1%3D140%26br2%3D140%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%252C14%252C0%252C4%252C97%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C17%26hb_bidder%3Doftmedia%26hb_adid%3D313b1dbe33a4f0e%26hb_pb%3D0.01%26hb_format%3Dbanner%26hb_ssid%3D10081%26lb%3D260%26reqt%3D1605951884183&eri=1&cookie=ID%3Da9dd2fd23a2dba14-2248de0142b90083%3AT%3D1605951880%3AS%3DALNI_MaK57vWIP0k4U0cPn7sMRrcLYUP9g&bc=31&abxe=1&lmt=1605951884&dt=1605951884186&dlt=1605951878434&idt=2424&frm=20&biw=1600&bih=1200&oid=3&adxs=1077&adys=744&adks=1638364331&ucis=6&sps=channel,,3980499387|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,FF6600|color_text,,000000|color_url,,FF6600&ifi=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fetandoz.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=315x274&msz=302x252&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=983744617.1605951881&ga_sid=1605951881&ga_hid=2122893375&ga_fc=true&ga_wpids=UA-131156852-28&fws=4&ohw=302&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

cdc0d7a9575a3bf893d38926844fd839a98771d1252d1e28b5b7c1d12ecf7017

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPfa2Pysk-0CFZ7EuwgdT4QK_Q&gqi=&layout=/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_300x250.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPfa2Pysk-0CFZ7EuwgdT4QK_Q&gqi=&layout=/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_300x250.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28932
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sat, 21 Nov 2020 09:44:44 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://etandoz.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usersync.html
cdn.undertone.com/js/ Frame 08E8 0
0 36ms
7ms Document
text/html 2600:9000:214f:c800:1f:2473:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=
Requested by: Host: g.ezoic.net
URL: https://g.ezoic.net/porpoiseant/dall3700test.js?cb=191-2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:c800:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: cdn.undertone.com
:scheme: https
:path: /js/usersync.html?gdpr=0&gdprstr=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://etandoz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: UTID=9dacd372d67a42ef925a890840e5a5f3; UTID_ENC=9c1tzg7ba51ib6q8fnii5mm0j
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://etandoz.com/

Response headers

content-type: text/html
last-modified: Tue, 29 Sep 2020 10:57:56 GMT
server: AmazonS3
content-encoding: gzip
date: Sat, 21 Nov 2020 01:17:03 GMT
etag: "a1d7681bfa6f248399881fa569d9c63b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: WNbYGA2V6M5b_XCB7GVMX_yisbGl04mvo8vd6SY7pHYHJxVxAp-czw==
age: 30462

GET
H2 200 /
onetag-sys.com/usync/ Frame 1905 0
0 35ms
33ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1605951880912

Requested by

Host: g.ezoic.net
URL: https://g.ezoic.net/porpoiseant/dall3700test.js?cb=191-2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.254 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?cb=1605951880912
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://etandoz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://etandoz.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=2592000

GET
H2 204 /
onetag-sys.com/usync/ 0
84 B 33ms
32ms Image
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.254 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
cache-control: no-cache, no-transform
content-length: 0

GET
H3-Q050 200 container.html
65c9fe1fee852fa08a5545d208c67b1d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 1BC4 0
0 9ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://65c9fe1fee852fa08a5545d208c67b1d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 65c9fe1fee852fa08a5545d208c67b1d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://etandoz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://etandoz.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Sat, 21 Nov 2020 09:44:40 GMT
expires: Sun, 21 Nov 2021 09:44:40 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 4
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
40 B 77ms
0ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: g.ezoic.net
URL: https://g.ezoic.net/porpoiseant/banger.js?cb=191-2&bv=92&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 21 Nov 2020 09:44:44 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif
g.ezoic.net/porpoiseant/ 43 B
77 B 169ms
74ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjU4ODUwIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTI0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjU4ODUwIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTI0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiJhZjA2M2MyNDQwODliNTJlYzVhMDQyM2EyNThmMWY4ZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjU4ODUwIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMTQsImFkX3Bvc2l0aW9uIjoxMTI0LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDE0LCJiaWRfZmxvb3JfcHJldiI6MC4wMDI2LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkFUIiwicGFnZXZpZXdfaWQiOiJiY2JmZjY1Yi1lMTk4LTQxNDEtN2JjMS0wNWI2N2YyMWJjNzgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjU4ODUwIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTI0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDA0MzU0NyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjU4ODUwIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTI0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:44 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:44 UTC

GET
H2 200 army.gif
g.ezoic.net/porpoiseant/ 43 B
77 B 168ms
75ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjU4ODUwIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTI0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIwLTExLTIxIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTAifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNiJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItNjAifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:44 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:44 UTC

GET
H2 200 army.gif
g.ezoic.net/porpoiseant/ 43 B
77 B 167ms
75ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMjU4ODUwIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImF1Y3Rpb25fZXBvY2giOjE2MDU5NTE4ODUsImFkX3Bvc2l0aW9uIjoxMTI0LCJjb3VudHJ5X2NvZGUiOiJBVCIsInBhZ2V2aWV3X2lkIjoiYmNiZmY2NWItZTE5OC00MTQxLTdiYzEtMDViNjdmMjFiYzc4IiwiYmlkX2Zsb29yX2luaXRpYWwiOjI2MCwiYmlkX2Zsb29yX3ByZXYiOjI2MCwiYmlkX2Zsb29yX2ZpbGxlZCI6MTQwLCJhdWN0aW9uX2NvdW50IjoyLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo2MDAsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:44 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:44 UTC

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 75 KB
24 KB 294ms
294ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1067106022744905&correlator=4319854261897812&output=ldjh&impl=fif&adsid=NT&eid=21068728%2C21068031%2C21068418&vrg=2020111701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201121&iu_parts=1254144%2Cetandoz_com-large-leaderboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=2&prev_scp=iid4%3D301151%26t%3D134%26d%3D163104%26t1%3D134%26pvc%3D0%26ap%3D1125%26sap%3D1125%26a%3D%257C6%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod21-c%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1035%26compid%3D0%26tap%3Detandoz_com-large-leaderboard-1-301151%26eb_br%3Dc352ba581bd3ffd8cea608cf2d55f519%26eba%3D1%26asau%3D5654508248%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D2%26ft%3D1%26br1%3D60%26br2%3D160%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%252C13%252C120%252C67%252C51%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C17%2C20%2C17%2C19%2C20%26hb_bidder%3Doftmedia%26hb_adid%3D3266110957aee0c%26hb_pb%3D0.03%26hb_format%3Dbanner%26hb_ssid%3D10081%26lb%3D160%26reqt%3D1605951884897&eri=1&cookie=ID%3Da9dd2fd23a2dba14-2248de0142b90083%3AT%3D1605951880%3AS%3DALNI_MaK57vWIP0k4U0cPn7sMRrcLYUP9g&bc=31&abxe=1&lmt=1605951884&dt=1605951884963&dlt=1605951878434&idt=2424&frm=20&biw=1600&bih=1200&oid=3&adxs=1077&adys=2566&adks=3270114495&ucis=7&sps=channel,,3980499387|color_bg,,FFFFFF|color_border,,FFFFFF|color_link,,858585|color_text,,000000|color_url,,F0F0F0&ifi=8&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fetandoz.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=315x274&msz=302x252&ga_vid=983744617.1605951881&ga_sid=1605951881&ga_hid=2122893375&ga_fc=true&ga_wpids=UA-131156852-28&fws=4&ohw=302&btvi=3&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

4f7bd1f2017f76c64b410bfbd8db2c9945ff0c585c5e3e7be5347aa72c1e4cb1

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17259329190757594877/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17259329190757594877/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COCuiP2sk-0CFXnruwgd_XwOJg&gqi=&layout=/sadbundle/%24csp%253Der3%24/17259329190757594877/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17259329190757594877/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17259329190757594877/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COCuiP2sk-0CFXnruwgd_XwOJg&gqi=&layout=/sadbundle/%24csp%253Der3%24/17259329190757594877/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24180
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sat, 21 Nov 2020 09:44:45 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://etandoz.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html
65c9fe1fee852fa08a5545d208c67b1d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame A93F 0
0 7ms
6ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://65c9fe1fee852fa08a5545d208c67b1d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 65c9fe1fee852fa08a5545d208c67b1d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://etandoz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://etandoz.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Sat, 21 Nov 2020 09:44:40 GMT
expires: Sun, 21 Nov 2021 09:44:40 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 5
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
40 B 49ms
48ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: g.ezoic.net
URL: https://g.ezoic.net/porpoiseant/banger.js?cb=191-2&bv=92&v=35&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 21 Nov 2020 09:44:45 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif
g.ezoic.net/porpoiseant/ 43 B
123 B 44ms
43ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzAxMTUxIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tbGFyZ2UtbGVhZGVyYm9hcmQtMS0wIiwidF9lcG9jaCI6MTYwNTk1MTg3OCwiYWRfcG9zaXRpb24iOjExMjUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJBVCIsInBhZ2V2aWV3X2lkIjoiYmNiZmY2NWItZTE5OC00MTQxLTdiYzEtMDViNjdmMjFiYzc4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIzIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMDExNTEiLCJkb21haW5faWQiOiIxNjMxMDQiLCJ1bml0IjoiZGl2LWdwdC1hZC1ldGFuZG96X2NvbS1sYXJnZS1sZWFkZXJib2FyZC0xLTAiLCJ0X2Vwb2NoIjoxNjA1OTUxODc4LCJhZF9wb3NpdGlvbiI6MTEyNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkFUIiwicGFnZXZpZXdfaWQiOiJiY2JmZjY1Yi1lMTk4LTQxNDEtN2JjMS0wNWI2N2YyMWJjNzgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTc5LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiYzM1MmJhNTgxYmQzZmZkOGNlYTYwOGNmMmQ1NWY1MTkifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjMwMTE1MSIsImRvbWFpbl9pZCI6IjE2MzEwNCIsInVuaXQiOiJkaXYtZ3B0LWFkLWV0YW5kb3pfY29tLWxhcmdlLWxlYWRlcmJvYXJkLTEtMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDYsImFkX3Bvc2l0aW9uIjoxMTI1LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA2LCJiaWRfZmxvb3JfcHJldiI6MC4wMDE2LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkFUIiwicGFnZXZpZXdfaWQiOiJiY2JmZjY1Yi1lMTk4LTQxNDEtN2JjMS0wNWI2N2YyMWJjNzgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTc5LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzAxMTUxIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tbGFyZ2UtbGVhZGVyYm9hcmQtMS0wIiwidF9lcG9jaCI6MTYwNTk1MTg3OCwiYWRfcG9zaXRpb24iOjExMjUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJBVCIsInBhZ2V2aWV3X2lkIjoiYmNiZmY2NWItZTE5OC00MTQxLTdiYzEtMDViNjdmMjFiYzc4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwNDE2OTc5In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMDExNTEiLCJkb21haW5faWQiOiIxNjMxMDQiLCJ1bml0IjoiZGl2LWdwdC1hZC1ldGFuZG96X2NvbS1sYXJnZS1sZWFkZXJib2FyZC0xLTAiLCJ0X2Vwb2NoIjoxNjA1OTUxODc4LCJhZF9wb3NpdGlvbiI6MTEyNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkFUIiwicGFnZXZpZXdfaWQiOiJiY2JmZjY1Yi1lMTk4LTQxNDEtN2JjMS0wNWI2N2YyMWJjNzgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTc5LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:45 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:45 UTC

GET
H2 200 army.gif
g.ezoic.net/porpoiseant/ 43 B
77 B 45ms
44ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzAxMTUxIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tbGFyZ2UtbGVhZGVyYm9hcmQtMS0wIiwidF9lcG9jaCI6MTYwNTk1MTg3OCwiYWRfcG9zaXRpb24iOjExMjUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJBVCIsInBhZ2V2aWV3X2lkIjoiYmNiZmY2NWItZTE5OC00MTQxLTdiYzEtMDViNjdmMjFiYzc4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjAtMTEtMjEifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI2In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii02MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:45 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:45 UTC

GET
H2 200 army.gif
g.ezoic.net/porpoiseant/ 43 B
77 B 44ms
44ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMzAxMTUxIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tbGFyZ2UtbGVhZGVyYm9hcmQtMS0wIiwidF9lcG9jaCI6MTYwNTk1MTg3OCwiYXVjdGlvbl9lcG9jaCI6MTYwNTk1MTg4NSwiYWRfcG9zaXRpb24iOjExMjUsImNvdW50cnlfY29kZSI6IkFUIiwicGFnZXZpZXdfaWQiOiJiY2JmZjY1Yi1lMTk4LTQxNDEtN2JjMS0wNWI2N2YyMWJjNzgiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MzAwLCJiaWRfZmxvb3JfcHJldiI6MTYwLCJiaWRfZmxvb3JfZmlsbGVkIjo2MCwiYXVjdGlvbl9jb3VudCI6MywicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6MzA2LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:45 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:43 UTC

GET
H2 200 army.gif
g.ezoic.net/porpoiseant/ 43 B
77 B 45ms
45ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjY4OTAzIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjIwMCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTE0In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjU4ODUwIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTI0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjEwNzYifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6Ijc0MyJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjI3NTY1MyIsImRvbWFpbl9pZCI6IjE2MzEwNCIsInVuaXQiOiJkaXYtZ3B0LWFkLWV0YW5kb3pfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjA1OTUxODc4LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkFUIiwicGFnZXZpZXdfaWQiOiJiY2JmZjY1Yi1lMTk4LTQxNDEtN2JjMS0wNWI2N2YyMWJjNzgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDM4LCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMDkyIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMDExNTEiLCJkb21haW5faWQiOiIxNjMxMDQiLCJ1bml0IjoiZGl2LWdwdC1hZC1ldGFuZG96X2NvbS1sYXJnZS1sZWFkZXJib2FyZC0xLTAiLCJ0X2Vwb2NoIjoxNjA1OTUxODc4LCJhZF9wb3NpdGlvbiI6MTEyNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkFUIiwicGFnZXZpZXdfaWQiOiJiY2JmZjY1Yi1lMTk4LTQxNDEtN2JjMS0wNWI2N2YyMWJjNzgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTc5LCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIxMDc2In0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIyNTY1In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:45 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:45 UTC

GET
H2 200 army.gif
g.ezoic.net/porpoiseant/ 43 B
77 B 44ms
43ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjU4ODUwIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEyNCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:45 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:45 UTC

GET
H2 200 army.gif
g.ezoic.net/porpoiseant/ 43 B
100 B 43ms
43ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjU4ODUwIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTI0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlszMDAsMjUwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjU4ODUwIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTI0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjU4ODUwIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTI0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNjMifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:46 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:45 UTC

GET
H2 200 army.gif
g.ezoic.net/porpoiseant/ 43 B
100 B 43ms
43ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzAxMTUxIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tbGFyZ2UtbGVhZGVyYm9hcmQtMS0wIiwidF9lcG9jaCI6MTYwNTk1MTg3OCwiYWRfcG9zaXRpb24iOjExMjUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJBVCIsInBhZ2V2aWV3X2lkIjoiYmNiZmY2NWItZTE5OC00MTQxLTdiYzEtMDViNjdmMjFiYzc4IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMDExNTEiLCJkb21haW5faWQiOiIxNjMxMDQiLCJ1bml0IjoiZGl2LWdwdC1hZC1ldGFuZG96X2NvbS1sYXJnZS1sZWFkZXJib2FyZC0xLTAiLCJ0X2Vwb2NoIjoxNjA1OTUxODc4LCJhZF9wb3NpdGlvbiI6MTEyNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkFUIiwicGFnZXZpZXdfaWQiOiJiY2JmZjY1Yi1lMTk4LTQxNDEtN2JjMS0wNWI2N2YyMWJjNzgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTc5LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjMwMTE1MSIsImRvbWFpbl9pZCI6IjE2MzEwNCIsInVuaXQiOiJkaXYtZ3B0LWFkLWV0YW5kb3pfY29tLWxhcmdlLWxlYWRlcmJvYXJkLTEtMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTI1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiODMifV0sImlzX29yaWciOmZhbHNlfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:46 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:46 UTC

GET
H2 200 audins.js Show response
go.ezoic.net/detroitchicago/ 821 B
1 KB 13ms
12ms Script
application/javascript 2600:9000:2104:a400:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezoic.net/detroitchicago/audins.js?cb=191-2
Requested by: Host: etandoz.com
URL: https://etandoz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:a400:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: d98f76f0461187c365efd671a87749384de00b589e87fb30c0486a892769c412

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 19:51:58 GMT
via: 1.1 bdbb0d922c29917c00cfed799f55e7c2.cloudfront.net (CloudFront)
last-modified: Sat, 26 Sep 2020 03:02:12 GMT
server: nginx/1.16.0
age: 4629170
etag: "335-5b02ea8e33500;5b02ea8e33500-gzip"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 821
x-amz-cf-id: pVyqsL7Zyo7pv_jpFP5g9Md7qVLvT5aJPWFp-ZW9dVgczgh8q1WKVQ==

GET
H2 200 army.gif
g.ezoic.net/porpoiseant/ 43 B
123 B 43ms
43ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjY4OTAzIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTItMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0MzgsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiI0OCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjU4ODUwIiwiZG9tYWluX2lkIjoiMTYzMTA0IiwidW5pdCI6ImRpdi1ncHQtYWQtZXRhbmRvel9jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MDU5NTE4NzgsImFkX3Bvc2l0aW9uIjoxMTI0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQVQiLCJwYWdldmlld19pZCI6ImJjYmZmNjViLWUxOTgtNDE0MS03YmMxLTA1YjY3ZjIxYmM3OCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIxMTEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjI3NTY1MyIsImRvbWFpbl9pZCI6IjE2MzEwNCIsInVuaXQiOiJkaXYtZ3B0LWFkLWV0YW5kb3pfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjA1OTUxODc4LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkFUIiwicGFnZXZpZXdfaWQiOiJiY2JmZjY1Yi1lMTk4LTQxNDEtN2JjMS0wNWI2N2YyMWJjNzgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDM4LCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMTY0In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMDExNTEiLCJkb21haW5faWQiOiIxNjMxMDQiLCJ1bml0IjoiZGl2LWdwdC1hZC1ldGFuZG96X2NvbS1sYXJnZS1sZWFkZXJib2FyZC0xLTAiLCJ0X2Vwb2NoIjoxNjA1OTUxODc4LCJhZF9wb3NpdGlvbiI6MTEyNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkFUIiwicGFnZXZpZXdfaWQiOiJiY2JmZjY1Yi1lMTk4LTQxNDEtN2JjMS0wNWI2N2YyMWJjNzgiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTc5LCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiNDk0In1dLCJpc19vcmlnIjpmYWxzZX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:48 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:48 UTC

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 23ms
7ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: go.ezoic.net
URL: https://go.ezoic.net/detroitchicago/audins.js?cb=191-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 87d73170be9a2e277c57d324c4e05ec0ac60ed3c0191fa29e7a31133b4c4c119

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:48 GMT
content-encoding: gzip
etag: "O/+l6c17R2TQ0JQMJXOiXA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sat, 28 Nov 2020 09:44:48 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 101ms
32ms Script
application/x-javascript 104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: go.ezoic.net
URL: https://go.ezoic.net/detroitchicago/audins.js?cb=191-2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 21 Nov 2020 09:44:48 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Sun, 22 Nov 2020 09:44:48 GMT

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 3 B
348 B 52ms
13ms Script
application/x-javascript 2600:9000:2104:6000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 20 Nov 2020 23:47:30 GMT
via: 1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 19:50:24 GMT
server: AmazonS3
age: 35839
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: Mu-DmJEmnAUFzThJZ7cS5Aqv_b8DIp0i0qw_ZJkSrb9NIjD-WGUyxA==

GET
H2 200 pixel;r=1781878627;labels=Domain.etandoz_com%2CDomainId.163104;rf=0;uht=2;a=p-31iz6hfFutd16;url=https%3A%2F%2Fetandoz.com%2F;fpan=1;fpa=P0-362518938-1605951888342;ns=0;ce=1;qjs=1;qv=3364aec3-202010...
pixel.quantserve.com/ 35 B
371 B 11ms
9ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1781878627;labels=Domain.etandoz_com%2CDomainId.163104;rf=0;uht=2;a=p-31iz6hfFutd16;url=https%3A%2F%2Fetandoz.com%2F;fpan=1;fpa=P0-362518938-1605951888342;ns=0;ce=1;qjs=1;qv=3364aec3-20201006003021;cm=;gdpr=0;ref=;d=etandoz.com;je=0;sr=1600x1200x24;dst=1;et=1605951888342;tzo=-60;ogl=locale.en_US%2Ctype.website%2Ctitle.Etandoz%20-%20Happy%20Diwali%20-%20Diwali%20Celebrations%20-%20Diwali%20Quotes%20-%20Diwali%202020%2Cdescription.Happy%20Diwali%20--%20Diwali%20Celebrations%20--%20Diwali%20Quotes%20--%20Diwali%202020%2Curl.https%3A%2F%2Fetandoz%252Ecom%2F%2Csite_name.Etandoz

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Nov 2020 09:44:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=20015427&ns__t=1605951888363&ns_c=UTF-8&cv=3.5&c8=Etandoz%20-%20Happy%20Diwali%20-%20Diwali%20Celebrations%20-%20Diwali%20Quotes%20-%20Diwali%202020&c7=ht...
https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1605951888363&ns_c=UTF-8&cv=3.5&c8=Etandoz%20-%20Happy%20Diwali%20-%20Diwali%20Celebrations%20-%20Diwali%20Quotes%20-%20Diwali%202020&c7=h...

0
528 B

31ms
31ms

Image
text/plain

104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1605951888363&ns_c=UTF-8&cv=3.5&c8=Etandoz%20-%20Happy%20Diwali%20-%20Diwali%20Celebrations%20-%20Diwali%20Quotes%20-%20Diwali%202020&c7=https%3A%2F%2Fetandoz.com%2F&c9=&cs_ak_ss=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 21 Nov 2020 09:44:48 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1605951888363&ns_c=UTF-8&cv=3.5&c8=Etandoz%20-%20Happy%20Diwali%20-%20Diwali%20Celebrations%20-%20Diwali%20Quotes%20-%20Diwali%202020&c7=https%3A%2F%2Fetandoz.com%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Sat, 21 Nov 2020 09:44:48 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 greenoaks.gif
g.ezoic.net/detroitchicago/ 43 B
77 B 42ms
42ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiY2JmZjY1Yi1lMTk4LTQxNDEtN2JjMS0wNWI2N2YyMWJjNzgiLCJkb21haW5faWQiOiIxNjMxMDQiLCJ0X2Vwb2NoIjoxNjA1OTUxODc4LCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjM3NTAwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIzIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjUzNzMwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiNCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiMjk5MzYwMDAifSx7Im5hbWUiOiJkb2NfaGVpZ2h0IiwidmFsIjoiMTg3MTAifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://etandoz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 21 Nov 2020 09:44:48 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Fri, 20 Nov 2020 09:44:48 UTC

Verdicts & Comments Add Verdict or Comment

374 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 14:05:55	Name: DSID Value: NO_DATA
etandoz.com/	1970-01-19 22:51:27	Name: ezux_lpl_163104 Value: 1605951883197\|bcbff65b-e198-4141-7bc1-05b67f21bc78\|false
.etandoz.com/	1970-01-19 14:05:53	Name: __utmb Value: 242257238.3.9.1605951883195
.etandoz.com/	1970-01-19 14:08:44	Name: ezovuuidtime_163104 Value: 1605951882
.etandoz.com/	1970-01-19 14:05:53	Name: ezopvc_163104 Value: 3
.etandoz.com/	1970-01-19 14:08:44	Name: active_template::163104 Value: pub_site.1605951882
etandoz.com/	1970-01-19 14:15:56	Name: DigiTrust.v1.identity Value: eyJpZCI6IldkUEhDclhYRWwvV1M1SVZWUlB0UGxBOHYzRW9wb0pBQ2tCTGxqdGFwV1hnb0t5d1NQdWIwUFpBSWxrZDNUSjZhR2Q5bGV3d052UFhoU1BONHdqby8yWnpjcjNnUDNhVUVsZnRNL1MyVFF6TS9LYXpnbEhWU0RxSldUUjNGcTVvNGpQWnM5S1dXV3JITDdhTHFWVXBUaDhHaG9VQXNnQ0hLNkQ1aVZsOEhjZUQvOHBiUjdKUnBUVnNsdVphME9Sd0dVWUxKRWhPazJZdzhrTWxCeXJjK0FCLzlvRlVyREZPVWNXQXJpTTNtVjlYMlVhV0w2OTBwRllMK0Q0Sk9ac0JTU0NwdnFJbW9icjZDNXhHazh6RnFrNHRDWmdrY3AySjBnbWJOTmVRb2lUaktQRkU0alpKcDR1ejhUWk9WMTZFdHpMNDVvbzBxTS9yUGxUclJNUFVpUT09IiwidmVyc2lvbiI6MiwicHJvZHVjZXIiOiIxQ3JzZFVOQW82IiwicHJpdmFjeSI6eyJvcHRvdXQiOmZhbHNlfSwia2V5diI6NH0%3D
.doubleclick.net/	1970-01-19 23:27:27	Name: IDE Value: AHWqTUk9fBP_O1xxIsPM21jtO5FR8guMtWyO8saAKsn8WGCq7h3DPEGKVdwgFT6f
etandoz.com/	1969-12-31 23:59:59	Name: ezouspva Value: 2
.etandoz.com/	1970-01-20 07:37:03	Name: __utma Value: 242257238.983744617.1605951881.1605951881.1605951881.1
.etandoz.com/	1970-01-19 23:27:27	Name: __gads Value: ID=a9dd2fd23a2dba14-2248de0142b90083:T=1605951880:S=ALNI_MaK57vWIP0k4U0cPn7sMRrcLYUP9g
etandoz.com/	1970-01-19 15:32:15	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%229c8ce36d-ad70-484d-82a9-b12662662bc9%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222020-11-21T09%3A44%3A40%22%7D
etandoz.com/	1970-01-22 03:25:03	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
.etandoz.com/	1970-01-20 07:37:03	Name: ezosuigeneris Value: c58bcc14401c2cd480d6744d654ac4e0
.etandoz.com/	1970-01-19 14:05:52	Name: __utmt_f Value: 1
.etandoz.com/	1970-01-19 14:05:53	Name: ezoab_163104 Value: mod21-c
.etandoz.com/	1970-01-19 14:05:52	Name: __utmt_e Value: 1
.etandoz.com/	1970-01-19 14:05:53	Name: ezovid_163104 Value: 1615507169
.etandoz.com/	1970-01-19 18:28:39	Name: __utmz Value: 242257238.1605951881.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
etandoz.com/	1970-01-22 03:25:03	Name: ezohw Value: w%3D1600%2Ch%3D1200
etandoz.com/	1970-01-19 23:27:31	Name: cto_bundle Value: uoYVSV9yJTJCMktTUDZiYXFZRmhUTm9HVEpyV294WE41MFVISmNaVmlCSlZBbyUyRjJBeEZaajV5RHhFcldodFhtbVNXaUdaeDElMkZmZFI2dGJRamhZYjlSTU9Fc1pyUDYxS2VpTnZjdkhhSmtIWWxsZXpBSzJmb0RsRjljSHRNRU1XWlhNUVN1cw
etandoz.com/	1970-01-19 14:49:03	Name: _pbjs_userid_consent_data Value: 3524755945110770
.etandoz.com/	1969-12-31 23:59:59	Name: __utmc Value: 242257238
.etandoz.com/	1970-01-19 14:05:53	Name: ezovuuid_163104 Value: 52bb0e15-81a1-426f-6287-bbaabefb797f
etandoz.com/	1969-12-31 23:59:59	Name: ezouspvv Value: 460
.etandoz.com/	1970-01-19 14:05:59	Name: ezoref_163104 Value:
etandoz.com/	1970-01-19 23:27:31	Name: cto_bidid Value: EweOqV9MM1NZZmVCaHFiNDNLd1JLWTlDQWxyVFFEUHRMTTlRYVVXb2lCMG02b05HWDVVekIzUVFJOFRwa1JBJTJCS05kSnR4MW14ekVoNTFSbEolMkZmeXlxeUpuYXclM0QlM0Q
etandoz.com/	1969-12-31 23:59:59	Name: ezouspvh Value: 300
.etandoz.com/	1970-01-19 14:05:59	Name: lp_163104 Value: https://etandoz.com/
.etandoz.com/	1970-01-19 22:51:27	Name: ezCMPCCS Value: true
.etandoz.com/	1970-01-19 14:07:18	Name: ezepvv Value: 0
.etandoz.com/	1970-01-19 14:05:53	Name: ezoadgid_163104 Value: -1
.etandoz.com/	1970-01-19 18:25:03	Name: _pubcid Value: 1ee2e188-f0a6-44d4-b1a9-381e32b23bb8

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://ads.pubmatic.com/AdServer/js/pwt/156983/3085/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.5.3(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://etandoz.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

65c9fe1fee852fa08a5545d208c67b1d.safeframe.googlesyndication.com
ads.pubmatic.com
adservice.google.at
adservice.google.com
api.rlcdn.com
bidder.criteo.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.onesignal.com
cdn.undertone.com
etandoz.com
fonts.googleapis.com
fonts.gstatic.com
g.ezoic.net
g2.gumgum.com
go.ezoic.net
googleads.g.doubleclick.net
gum.criteo.com
hb.undertone.com
ib.adnxs.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
pixel.wp.com
prebid.digitru.st
rules.quantcount.com
s0.wp.com
sb.scorecardresearch.com
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.criteo.net
stats.wp.com
tag.1rx.io
tpc.googlesyndication.com
www.ezodn.com
www.ezojs.com
www.google.com
www.googletagservices.com
104.111.238.139
172.217.18.162
173.249.24.142
178.250.2.131
178.250.2.146
18.156.95.187
18.200.32.70
185.33.220.244
192.0.76.3
192.0.77.32
2.21.37.33
213.19.147.210
216.58.206.2
2600:9000:2104:1600:a:d79f:3100:93a1
2600:9000:2104:6000:6:44e3:f8c0:93a1
2600:9000:2104:a400:2:cb38:840:93a1
2600:9000:214f:c800:1f:2473:9080:93a1
2606:4700:3030::681b:930b
2606:4700:3036::6812:3689
2606:4700::6812:e134
2606:4700:e2::ac40:8720
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:802::2004
2a00:1450:4001:803::2001
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:816::2001
2a00:1450:4001:818::2002
2a00:1450:4001:819::2003
2a00:1450:4001:81b::2002
2a00:1450:4001:81e::2008
2a02:2638:1::13
2a02:2638:1::3
2a04:4e42:1b::621
34.120.207.148
51.89.9.254
52.17.253.7
52.8.73.135
0001e893552b1e9805eaf2cfe9b6867ddb916e2213083d8d1513aa3e2ee2dd78
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0b05aab2d178ca0b7d17c7ba9231fc686f1e3479c3ea4c10d8e5eb6c2be4c7e3
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
11baffff70fe74bb15d97abf789d273cdd1c9628d326bd452f2fceca009b0444
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12ceaaa105abb177182163d2b3c95418076c4cd7881b107e39e1ae77dde7f7c1
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1ed84e4aa1f7fe5f0907cb64ee40941cf5cf83395e98292472157d2be68dbdd7
244de6960388f992e43c07685dd8c7ca1ee4424d85874a72036f2f8e692bbd7b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e65c19fd70c24a9c0d2e3f80b88d25413f511455664becdfd4217ee392a619c
3280d840db75382b0a366d79bcd0dbe276a33e62b7be641e27b8b4bf68f66156
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
397690de4cf308d2708b609ad5bc5fd2433039ae76ed53db257f068de69cbaed
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538
424f0c195542bdc7be09d2c2619422c87d3c7490893e6792ed434dda0d10a3ec
43a24608e742c8adc12bc142cdbe6c8838100b1b507e954ab9965c8059896cf7
45889999142b356acbb9554474ae2f2480398cb20b969ce57655b8828834b191
45a3a31804d386e5fb9410421c32284455bf6d434c6051f68cf1d23643c102f1
474680bdf7c61617f80ef117ecc09ff5c074bf91fa22d160edab08765e48216c
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
4834aa58000857ce42bdc4ae2322104fbbb5c0e96a7dbd4deab73900ae9d23a7
485304633becb4f63b4478dbda0941ad068f683a84a41f36491ec4b1325d7c45
4f7bd1f2017f76c64b410bfbd8db2c9945ff0c585c5e3e7be5347aa72c1e4cb1
51cb314e9b843ea3d1fd1b52e9f760aab7e99028ac5330b712feeb0164a63c6f
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
5820216486981914837a6b4f07dc46f6969a726d301a867b6043b149fab43ec7
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
611897c7cfdda8769e28fdffc2eea1a70615431ad66158e03eb43f0f4daf6bea
63d43ef2a46ed4f40d42a75a32a3018526280358901559f220990ef052be03e9
661a73094cc5203e58f1d95dc2e3aa0e745baa3bdc1223881254fd64521920a7
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6789cb85ff91dc894b176b6f6d113341214aa0592aa86e3dcf74c7a445584cf6
67d096296b53e2a0180360a9301d36ad6abbc718d98d7a0204719169d63274bd
68963209b16bd2a387c310495d51021d2fc57e5df9cb87ac98a0505c0daeca43
691bf31bb63491d6a8fbb7c3dc7f8ca4b081ba77ad2836b07ce46dc2163d972e
6d8ffd84868d7c4232e88167eb1adc0a83d4c1f5efb41d78eb1a03127dcdb625
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6f9ff71fd4f31aff5a89306a6ba57f55ea8a700d46e90e34245ff49733c44b03
777cc56d4fcbc36f7a94abab1b63d6c20cf73def1bc63f02aa2313b0aa609ada
77823d90004f02da5cf3f7c8cf199ced141babfb81606c5329101e0f3ec4e4c8
781d6fd1dc6d3b359f3d9446968a414b8f22b134149ffddfc380f1e7c3af7f3c
7b6c18953b125345d4e72676243ab9906b17fda1b925ffc9cbebf1d3aeff0ac9
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8072d2fdc3e9070342609d285bbb46d4072a6180c04783786ef5e118caa94b6a
811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
874e9c775f786c647fa0d6824b805486d3ca7e0d94dfb101ee0224315e8ef4fb
87d73170be9a2e277c57d324c4e05ec0ac60ed3c0191fa29e7a31133b4c4c119
88ccb5c6f7f8d57297543ffc4d4a1d89c44df56e844dab6610640b71bef4dc85
8afa8127232deafbb8cf00f91b373547b808ae5ea1cb117fa84425ea7e0d1f41
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
90782932720d45af116fb069cae0fc65aaf004aa95c6b6d22698f5f9136310da
968ce7d681b37b90d094599a68fbaff53b3f8b492b28776089ac50c0c861019e
97f89af5c09a23fbbdd1ef04e436d1b99b58617a3b6cc4940146af9d6aff2347
997e1fbf8331c9f3af1ff0ace8c73754cbfce4c143c785b7bc44dbcead23576e
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51
9cc19c02d87c3360d404c6dcf6e7982304f5e54abda4209de7a3bc44d3c54883
9fb7df21c9e4c85d23a70a25b4823a85b7a7c617fbae015cfce65a5779fa9e2d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2bd6d03b5ca4077052ad35975e64c93f8d790133a8ba0eea95d20fb5beb0b09
a7d72a2373d9d7be8325768387530166efe2d3906374ebbd23267cc8ec8e771a
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
a8e3c1f378254611d83d27991dd0bd18c759d064fe52160f16043be1ec434cc5
aa265f0c78d6c94ff3fdb8e12d48dec191495c0872b56b8debfdb749811df39f
aa475af0fb05e1b76590fbc8eb5b49d3c1e772a8efbde59c9991e07972f1223e
aaae58058e6e3602ab24ccd60c7641c5dc7bddb1fada4204576659997eac1c40
ab8a4d30433c888070a62f0f4c0d249f364ed3901c77a4410beae82647ee26e3
ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48
b10d4805bfd37702e61c9c03f784ed6ea227bca02c58fd8b139fbfc62f68df08
b1132996507b2307c59702977232dc53440b200e4a9159efc3d1148a296faa4e
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b3f70903456eb86877a88e3063aec8283ebb645fd5b974f0b71df25bca56af30
b42989a0f2a1fb6d69e72c4f548ef2e73c4d3089d53649f5ed75e45c7b91cffb
b4a24bdcf99be8cb9823514768815f1f27acea675b511d0e77e7f111a5baed4e
b502d47f3322506391caadc21225ecae1dc4286c62ddb753ef10cfb357625801
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b7ad73139b27b21cca9b44cf9c3372a5e87d96a2733ea8b291226bb46df95bc3
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
bc9f09ed09d7297e39457f94fa1c015406d38e730110e8d7b70b9a02e572dcd0
c090c938bbe4c0ed91065ff339cc4799f3758b9c1df20af104ac749ec285f97e
c5af0d1449845c496368405a47ab0c6e07563772764e74b3f7782151b2c20730
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdc0d7a9575a3bf893d38926844fd839a98771d1252d1e28b5b7c1d12ecf7017
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
d7b021cbd791fd3b9c1cf1bab1b606f810901e1d52a10ff25050f630c64c5096
d98f76f0461187c365efd671a87749384de00b589e87fb30c0486a892769c412
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5dbd2288a8fa5a5ab35a839b96abe3ba72115f1980c64462bd9f1ea0dd2d69f
f8561f20143672d030a9af6685615d626da2be6e45f01a006bf1facbe617f331
f9d1cdea0522c4af463dbd11b502a1d8c03f045431ff596125b50234401b2eee
fb74f2f57a90c644b95268c211a5a6efc3faeeb30ff0bd28aa946923c950cfa3
fe550434094ec4b080238fd3873fedb7c481556e0f9694f6b209cf2c2a54334b
fe770e1899813ba29394b0ec8ef94ff1a161ddc37e20d7074180232976ec0ae9
ff0e43ae4e799c9ded0320c3fe982045373b42aac2ca114966566d4ca54bf490
ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051

etandoz.com Open in urlscan Pro 173.249.24.142 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

164 Requests

100 %HTTPS

55 %IPv6

32 Domains

43 Subdomains

39 IPs

7 Countries

1776 kBTransfer

5464 kBSize

33 Cookies

2 Outgoing links

Page URL History

Redirected requests

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

etandoz.com Open in urlscan Pro
173.249.24.142 Public Scan

Screenshot
Live screenshot

Full Image

164
Requests

100 %
HTTPS

55 %
IPv6

32
Domains

43
Subdomains

39
IPs

7
Countries

1776 kB
Transfer

5464 kB
Size

33
Cookies

164 HTTP transactions
4 data transactions