www.orlytaitzesq.com Open in urlscan Pro
35.209.63.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://orlytaitzesq.com/
Effective URL:
http://www.orlytaitzesq.com/
Submission: On February 15 via api (February 15th 2020, 11:25:47 pm UTC) from US

Summary HTTP 252 Redirects Links 133 Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 32 domains to perform 252 HTTP transactions. The main IP is 35.209.63.6, located in Mountain View, United States and belongs to GOOGLE-2, US. The main domain is www.orlytaitzesq.com.

This is the only time www.orlytaitzesq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	35.209.63.6 35.209.63.6	19527 (GOOGLE-2) (GOOGLE-2)
1	34.224.175.58 34.224.175.58	14618 (AMAZON-AES) (AMAZON-AES)
2 2	23.210.248.226 23.210.248.226	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
4	2606:4700:20:... 2606:4700:20::681a:aaa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
1 2	193.189.143.34 193.189.143.34	34948 (TYPHON-AS) (TYPHON-AS)
1	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.94.77 143.204.94.77	16509 (AMAZON-02) (AMAZON-02)
1	143.204.94.125 143.204.94.125	16509 (AMAZON-02) (AMAZON-02)
4	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	54.209.86.7 54.209.86.7	14618 (AMAZON-AES) (AMAZON-AES)
1	13.225.78.28 13.225.78.28	16509 (AMAZON-02) (AMAZON-02)
1 1	72.21.202.25 72.21.202.25	16509 (AMAZON-02) (AMAZON-02)
1	54.240.172.10 54.240.172.10	16509 (AMAZON-02) (AMAZON-02)
4	40.84.148.247 40.84.148.247	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	35.173.95.229 35.173.95.229	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
8	13.224.197.70 13.224.197.70	16509 (AMAZON-02) (AMAZON-02)
4 29	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
50	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
36	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE)
4	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
8 20	152.199.21.35 152.199.21.35	15133 (EDGECAST) (EDGECAST)
4	74.214.194.133 74.214.194.133	59940 (PULSEPOIN...) (PULSEPOINT-EU)
4	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
8 16	152.199.21.89 152.199.21.89	15133 (EDGECAST) (EDGECAST)
20	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
4 4	91.228.74.169 91.228.74.169	27281 (QUANTCAST) (QUANTCAST)
8 8	52.57.106.47 52.57.106.47	16509 (AMAZON-02) (AMAZON-02)
8	35.157.167.170 35.157.167.170	16509 (AMAZON-02) (AMAZON-02)
4	52.215.180.197 52.215.180.197	16509 (AMAZON-02) (AMAZON-02)
4	74.214.194.139 74.214.194.139	59940 (PULSEPOIN...) (PULSEPOINT-EU)
252	34

28 35.209.63.6 (Mountain View, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 6.63.209.35.bc.googleusercontent.com

orlytaitzesq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.orlytaitzesq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.224.175.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-175-58.compute-1.amazonaws.com

s.gweini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.248.226 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-226.deploy.static.akamaitechnologies.com

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us.i1.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:aaa (United States)

ASN13335 (CLOUDFLARENET, US)

www.thegatewaypundit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.189.143.34 (Ankara, Turkey) 1 redirects

ASN34948 (TYPHON-AS, FR)
PTR: www.netvibes.com

www.netvibes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

buttons.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.77 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-77.fra50.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.125 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-125.fra50.r.cloudfront.net

fs.gweini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.209.86.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-86-7.compute-1.amazonaws.com

www.petition2congress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.28 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-28.fra2.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.21.202.25 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

cloudfront-labs.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.240.172.10 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-240-172-10.hio50.r.cloudfront.net

a659604d8e9248bb8d772dd9a43246862.profile.hio50-c2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 40.84.148.247 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ads3.mthsense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.173.95.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-95-229.compute-1.amazonaws.com

api.lanistaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.224.197.70 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-197-70.fra2.r.cloudfront.net

d2tbmvllb55wxq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 172.217.22.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 152.199.21.35 (United States) 8 redirects

ASN15133 (EDGECAST, US)

adserver.adtechus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.214.194.133 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

bid.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.22 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 152.199.21.89 (United States) 8 redirects

ASN15133 (EDGECAST, US)

adserver.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.228.74.169 (United Kingdom) 4 redirects

ASN27281 (QUANTCAST, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.57.106.47 (Frankfurt am Main, Germany) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-106-47.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.157.167.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-167-170.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.215.180.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-180-197.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.214.194.139 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com buttons.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	535 KB
41	doubleclick.net 4 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net	758 KB
28	orlytaitzesq.com 1 redirects orlytaitzesq.com www.orlytaitzesq.com	659 KB
24	advertising.com 16 redirects adserver.adtech.advertising.com pixel.advertising.com	5 KB
24	googletagservices.com www.googletagservices.com	602 KB
20	adtechus.com 8 redirects adserver.adtechus.com	5 KB
12	google.com adservice.google.com	3 KB
10	cloudfront.net d31qbv1cthcecs.cloudfront.net a659604d8e9248bb8d772dd9a43246862.profile.hio50-c2.cloudfront.net d2tbmvllb55wxq.cloudfront.net	1 MB
8	yahoo.com ups.analytics.yahoo.com	992 B
8	contextweb.com bid.contextweb.com bh.contextweb.com	3 KB
8	google.de adservice.google.de	1 KB
5	twitter.com platform.twitter.com syndication.twitter.com	32 KB
4	adsrvr.org match.adsrvr.org	1 KB
4	quantserve.com 4 redirects pixel.quantserve.com	3 KB
4	google.be adservice.google.be	1 KB
4	adnxs.com ib.adnxs.com	3 KB
4	rubiconproject.com fastlane.rubiconproject.com	7 KB
4	pubmatic.com hbopenbid.pubmatic.com	308 B
4	lanistaads.com api.lanistaads.com	1 KB
4	mthsense.com ads3.mthsense.com	14 KB
4	thegatewaypundit.com www.thegatewaypundit.com	51 KB
2	youtube.com www.youtube.com
2	google-analytics.com www.google-analytics.com	17 KB
2	netvibes.com 1 redirects www.netvibes.com	1 KB
2	yimg.com s.yimg.com us.i1.yimg.com	16 KB
2	paypalobjects.com www.paypalobjects.com	3 KB
2	paypal.com 2 redirects www.paypal.com	561 B
2	gweini.com s.gweini.com fs.gweini.com	17 KB
1	amazonaws.com 1 redirects cloudfront-labs.amazonaws.com	219 B
1	alexametrics.com certify.alexametrics.com	551 B
1	petition2congress.com www.petition2congress.com
1	twimg.com pbs.twimg.com	83 KB
252	32

	Domain	Requested by
36	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.orlytaitzesq.com
27	www.orlytaitzesq.com	www.orlytaitzesq.com
26	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
24	www.googletagservices.com	www.orlytaitzesq.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
20	adserver.adtechus.com	8 redirects www.orlytaitzesq.com
16	adserver.adtech.advertising.com	8 redirects
12	adservice.google.com	www.googletagservices.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
8	ups.analytics.yahoo.com
8	pixel.advertising.com	8 redirects
8	adservice.google.de	www.googletagservices.com pagead2.googlesyndication.com
8	d2tbmvllb55wxq.cloudfront.net	ads3.mthsense.com pagead2.googlesyndication.com
5	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com
4	bh.contextweb.com	d2tbmvllb55wxq.cloudfront.net
4	match.adsrvr.org	d2tbmvllb55wxq.cloudfront.net
4	pixel.quantserve.com	4 redirects
4	adservice.google.be	securepubads.g.doubleclick.net
4	ib.adnxs.com	d2tbmvllb55wxq.cloudfront.net
4	bid.contextweb.com	d2tbmvllb55wxq.cloudfront.net
4	fastlane.rubiconproject.com	d2tbmvllb55wxq.cloudfront.net
4	hbopenbid.pubmatic.com	d2tbmvllb55wxq.cloudfront.net
4	api.lanistaads.com	www.orlytaitzesq.com
4	ads3.mthsense.com	fs.gweini.com
4	platform.twitter.com	www.orlytaitzesq.com platform.twitter.com
4	www.thegatewaypundit.com	www.orlytaitzesq.com
2	www.youtube.com	www.orlytaitzesq.com
2	www.google-analytics.com	www.orlytaitzesq.com
2	www.netvibes.com	1 redirects www.orlytaitzesq.com
2	www.paypalobjects.com	www.orlytaitzesq.com
2	www.paypal.com	2 redirects
1	syndication.twitter.com	www.orlytaitzesq.com
1	a659604d8e9248bb8d772dd9a43246862.profile.hio50-c2.cloudfront.net	www.orlytaitzesq.com
1	cloudfront-labs.amazonaws.com	1 redirects
1	certify.alexametrics.com	www.orlytaitzesq.com
1	www.petition2congress.com	www.orlytaitzesq.com
1	fs.gweini.com	s.gweini.com
1	d31qbv1cthcecs.cloudfront.net	www.orlytaitzesq.com
1	buttons.googlesyndication.com	www.orlytaitzesq.com
1	us.i1.yimg.com	www.orlytaitzesq.com
1	pbs.twimg.com	www.orlytaitzesq.com
1	s.yimg.com	www.orlytaitzesq.com
1	s.gweini.com	www.orlytaitzesq.com
1	orlytaitzesq.com	1 redirects
252	43

This site contains links to these domains. Also see Links.

Domain
taitzreport.com
www.drtaitz.com
www.taitzofficesuites.com
morningconsult.com
www.yahoo.com
news.google.com
www.breitbart.com
www.thegatewaypundit.com
apnews.com
www.netvibes.com
add.my.yahoo.com
fusion.google.com
www.feedly.com
www.petition2congress.com
petitions.whitehouse.gov
plus.google.com
www.youtube.com
www.facebook.com
www.orlytaitzforussenate2012.com
www.videospromo.com
www.washingtonamerica.com
www.elementsofseo.com
www.drewstauffer.com
www.alibiproductions.com

Subject Issuer	Validity	Valid
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2019-12-09` - `2021-12-13`	2 years	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-01-21` - `2020-03-06`	a month	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-12` - `2020-10-09`	a year	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
*.netvibes.com Sectigo RSA Domain Validation Secure Server CA	`2019-07-15` - `2020-08-27`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
certify.alexametrics.com Amazon	`2019-07-26` - `2020-08-26`	a year	crt.sh
platform.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-28` - `2020-09-01`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adtechus.com GeoTrust RSA CA 2018	`2019-08-07` - `2021-08-07`	2 years	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2018-07-07` - `2020-06-03`	2 years	crt.sh
*.adtech.advertising.com DigiCert SHA2 High Assurance Server CA	`2018-05-22` - `2020-05-26`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.google.be GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-10-30` - `2020-04-27`	6 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh

This page contains 33 frames:

Primary Page: http://www.orlytaitzesq.com/
Frame ID: C85895F3E833A5F90BCA3471A39D5C9A
Requests: 52 HTTP requests in this frame

Frame: https://www.youtube.com/embed/OreNM9NDxlE?rel=0
Frame ID: 08ECCB73E67B508A68DBA7C6D76709EA
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/948FBVCqTu4?rel=0
Frame ID: AA5ED718DF04BB611C305C1BCA27BE32
Requests: 1 HTTP requests in this frame

Frame: http://www.petition2congress.com/9026/start-immediate-investigation-barack-obamas-use-forged-ids-ct-ssn/wt/?src=widget
Frame ID: E71FC83FAD6881357E7689361A7FDDD3
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html?origin=http%3A%2F%2Fwww.orlytaitzesq.com
Frame ID: C6445AF03C9A6A1FA309F58BABF71B1D
Requests: 1 HTTP requests in this frame

Frame: http://ads3.mthsense.com/RenderAd.aspx?id=727&width=728&height=90
Frame ID: 3BA49D0901CAF5DDA21195C3977FBE45
Requests: 1 HTTP requests in this frame

Frame: http://ads3.mthsense.com/RenderAd.aspx?id=732&width=300&height=250
Frame ID: 330525148CBEA1D446A187AF9205ED27
Requests: 1 HTTP requests in this frame

Frame: http://ads3.mthsense.com/RenderAd.aspx?id=733&width=300&height=250
Frame ID: 00F61BAC43EF56DA909E0E948E03610C
Requests: 1 HTTP requests in this frame

Frame: http://ads3.mthsense.com/RenderAd.aspx?id=729&width=728&height=90
Frame ID: 89DFC5C19437F2DF6EAB0AD8D72E8A8F
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.7303c29a8108bca4ac5c9ef008ed8164.en.html
Frame ID: 957452043211E3B10BC3E3A09BF03078
Requests: 1 HTTP requests in this frame

Frame: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Frame ID: 4000405324435AFCFFBFD142331E0AD0
Requests: 22 HTTP requests in this frame

Frame: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Frame ID: 7707EC03E77E99245DE06D754DB4C6F9
Requests: 22 HTTP requests in this frame

Frame: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Frame ID: 28577AC15DAD6E57F861273ED305EC61
Requests: 25 HTTP requests in this frame

Frame: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Frame ID: 88EA982698B74D101B2A55438AB8AB02
Requests: 25 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRKFUWHvZTbxj5ewiFnO7aXIopFDpGS11knhT1IpZUxNZJ3DiJq-sZDJlD1JkQT25LNEckzua3isv5p5K5S7guJ6vx6uSjnE7CuGSb5GZ92yghKg3VsWQ4JjekO1aID9M2nFigy_mFsJ8kjT31XlRLdq70CRtfIozCR3iJekZbKbv0HYB_jiFY8OShoRyrKA-Cm25QLBWEEgerNX6cpbCmIZsoWMR639RTVlxoVhCc103aP3md_UO3QghusD8ioD27lSei0aBPdCVSUuat8a4HE5A&sig=Cg0ArKJSzOtKoPBS0ANREAE&urlfix=1&adurl=
Frame ID: E4F57590F196B97939B3B006E021A8E4
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIiXGKE6ZFTdncrxdRjAzk5VKX7eWWgEpDZYwIzcNc5dsidvCnyhxNTdhcDeQrlraexGcHXdMqnFQoEgFet6ocBLuNXmwxgFNhUvMfaERMRK-5GdWCE6rsspazP316FIn3oxmHpIROUwzURhOS9H5Ubp2hTTbP4-jmp0_ewvXFIPbEJ2q9pCa-2jTPenvMuAGG_AARo4WlZyRPNoI8w6jStkv3V4gKNmxmuno7TJxWZWsra42RlyaWE3QtpVoWIrfQ9rU8IKAomBsaix9LPrU5HTM&sig=Cg0ArKJSzI0oK8Z2ZSziEAE&urlfix=1&adurl=
Frame ID: B8A5298FA3D6C112A1F9D90733AF1531
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstorITeUaUcWlAWFeC8OOL5cu_NKU2QibfpAgwQ7_RnwcrbdSwGZr4Cg-AxmkUZXKw5IMikBOuIYe8sRBT68nxp8CG6YsKxOTsrfB2xr9Q7Om3WKHEVGH_HMmuvMFADL9sofxiq0BkEq5oif8hXcwpNVXKTnzNKqREmEeKLb0-9TqGjiL3_tmQJN_QyNrbe8HKoSiKf80X-B9cqT_LwjyrEAoa7DVlnYlNTWvYw2loSo6zZNKgPlwELBuvvV9Q2olWC1_j6if6GGQvkY543ihsJIMg&sig=Cg0ArKJSzP7M5-YYabOTEAE&urlfix=1&adurl=
Frame ID: 1FA9C5FA194D8AE1506B2A513F5EF222
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Frame ID: A70CD6D3F7322196EE47E42320566BDE
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfSlpNepHaL51Oso6noauaNI_sti4RxcIhjpGHEbd4n9ds6vaH4lDQxtodsF-S5DUdTBuo4s921vhRNS7Xxs9EuORL1vZR1-wqWU049CH8PgtJX3Xp01Ne5Up1h3zYVdLfPW-2y_41ZERuVIR1w4dyxlFNFh-mwSL9cPSI6hIQwVv0e4AfpRL4xMBBFY-or0EaFSFkXJ_iAnLsVj0oYzf1a2jCArejHPbjc8iq_H6l2ElqlHmRV31rJ54yGBtnhg4OtRJmHq7AHfZh4Awx9xIUBhM&sig=Cg0ArKJSzCixK-DODCYTEAE&urlfix=1&adurl=
Frame ID: 2CD038CE7EFF5BDCD9510CFB8061CD6F
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Frame ID: 5F85EF65E8CB4A3592429BC894FA9321
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFbfPhBEgW0FgDUDV8L-eCA7jdfiy3bw_8F-9pGxtlDWTmz02XKW3SKn8qgrfjBxuM2Lnxf0YnjHuk3SBafd3Pw_4aqtqFfp0WMW09va7b8IyYwbNEjwCUYHBnJtPmiYKg451G0SeOw5vp2l2BfF9M1HLk4T3MLiwkJOxJWI-MfpeJzdGMY1tzaQlHwwoJ9BFy1pfTsIchVOo8OJFgzZOdr_n9Xt1q5dWUR64nbh368lDzjqULeZUB4SAP3XEF7gBzGx8iFGAqFmMoeDvfhtPQw8k-rA&sig=Cg0ArKJSzL-mIXLtUJduEAE&urlfix=1&adurl=
Frame ID: BF8715B0892543452596531F114F762B
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwsumhX3BKYeE8I1E8Nu0LhlW64wspQqFXuHn_2rOa0rv36is1IJZm_qtSzo4Ej0OFZ5iZXlZQE8MmijlfwDyaOWWuGw5zRBJ0lYrowKBDlKo8FuQzt9C4EkWsX3hDIVrvOtwiZagh4y07GlwKJURdE63AP-5RknoEvXTGrIA-FR-dYnp4CZOZkrIdslTCZB2kJizS5SO9sfJPAIuORHe_zb74zj2Lr9JljkfZEqfFlQLU89_i4-OCXppVs1tHnSjxQZN3u8_dpj6Y0YHU3IHkkmbJfA&sig=Cg0ArKJSzACnFoJNLDaJEAE&urlfix=1&adurl=
Frame ID: 6366032C7E1C31F9AA4AEAB83AAEB6C0
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200212/r20190131/zrt_lookup.html
Frame ID: 5284FA4F3CCCF52FFAE388EB260EF781
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Frame ID: 08B9F6D27354BFC75093C7EF9B769BA7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVNlkKOjmnCWmIC5OAEVNPYSeCqdlAqaF6NV1PXVaIPtOi30la5HPA7ktFagixWTi1Bk7B3yQimG6Gv9TWXWqizAs2cnpvWvfjnTqebaWOWb-sejWl9k8FoJdq6OrobygzJuX7uQWGd1X_NHXGEWt44-dHlbxVO87vghshnHL9sko0P7lrZGf8BJiPIK9igPuex_mqzbRatxJlLMbXMsZwrePfd8mjkfDWcNUcJ7xB_NC3uI4PtBtpBINzrVfW1gjcc5RqgbcbEI0JVopaBY2ymuW_Rw&sig=Cg0ArKJSzKrkxXEUkTzGEAE&urlfix=1&adurl=
Frame ID: 4C68BBD5D0B65A3A4EFCFC5D3397F733
Requests: 8 HTTP requests in this frame

Frame: https://d2tbmvllb55wxq.cloudfront.net/psa/300.htm
Frame ID: B101405B27AAB0F3FEF5E7190E0A6852
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2j3AJqPX5uMxrX_BhDNGECqQJI8Wz5Fyb0lJfQCYOXREbYSAj-Bs_svwW4ClyX1U0RB7_P0SSLJCUuXU2MDlCGrmPXIGnFyoJAgmbUFu3dlymlaPGcvBo1w2LK1OnUwEf6o1nicCiEjhrJopHp2VUAIngXombYKyoAHqwKoO8lWYmZAzlhhdEERpXnTbkho9g7DTBNPUBR6LcMUtUGKkbRIzElSHmkvJGNuvNEeivtZ5nv2hzvYlgO-H-FjGAELHP4ON1kGN3ePc4xZCJEQ4xRNoKWA&sig=Cg0ArKJSzNdMV8674c7oEAE&urlfix=1&adurl=
Frame ID: 412F31BD385F27148F190AF874F8AB0D
Requests: 12 HTTP requests in this frame

Frame: https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm
Frame ID: 6B6E56C0493E9EA850BA0D6CFF3E0F2F
Requests: 1 HTTP requests in this frame

Frame: https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm
Frame ID: E09D2743707230BC711741A830F397D7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Frame ID: BCF7DB654A9188E5E4D9315D8AC51F85
Requests: 1 HTTP requests in this frame

Frame: https://d2tbmvllb55wxq.cloudfront.net/psa/300.htm
Frame ID: 37D8C9F60BDE0158690B0A5E599B71B1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Frame ID: 121AADCEF83526BFCFF9D72948E53034
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Frame ID: DC3C977967DD5D1B3E2040E1F555F65D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://orlytaitzesq.com/ HTTP 301
http://www.orlytaitzesq.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

252
Requests

75 %
HTTPS

24 %
IPv6

32
Domains

43
Subdomains

34
IPs

7
Countries

3924 kB
Transfer

7200 kB
Size

10
Cookies

133 Outgoing links

These are links going to different origins than the main page.

URL: http://taitzreport.com/
Title: TaitzReport.com

Search URL Search Domain Scan URL

URL: http://www.drtaitz.com/
Title:

Search URL Search Domain Scan URL

URL: http://www.taitzofficesuites.com/
Title:

Search URL Search Domain Scan URL

URL: https://morningconsult.com/2020/02/13/sanders-cements-front-runner-status-after-new-hampshire-win/
Title: SHOCK POLL: SANDERS +10 IN DEM RACE...

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/huffpost/michael-bloomberg-nanny-some-black-203501337.html
Title: Michael Bloomberg Allegedly Told New Mom To Find ‘Some Black’ For A Nanny

Search URL Search Domain Scan URL

URL: https://www.yahoo.com/news/former-employee-says-heard-bloomberg-173100774.html

Search URL Search Domain Scan URL

URL: https://news.google.com/articles/CAIiEKjlPWkARw_WP3XAKFiAhGYqGQgEKhAIACoHCAow4Zn5CjCu8uACMLTRlgY?hl=en-US&gl=US&ceid=US%3Aen
Title: ‘We’d be f—ed’: Texas Dems sweat a Bernie Sanders ticket

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMOGZ-QowrvLgAg?hl=en-US&gl=US&ceid=US%3Aen
Title: POLITICO

Search URL Search Domain Scan URL

URL: https://news.google.com/articles/CAIiEMeiC1ChFJlvfHzMrfndlkYqFwgEKg8IACoHCAowlOzSATCaiDUwo9dy?hl=en-US&gl=US&ceid=US%3Aen
Title: Poll: Bernie Sanders is beating every other candidate in Nevada

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMJTs0gEwmog1?hl=en-US&gl=US&ceid=US%3Aen
Title: Vox.com

Search URL Search Domain Scan URL

URL: https://news.google.com/articles/CAIiEJZSXfdPbtFoGiYOgl_JCfAqGAgEKg8IACoHCAowhK-LAjD4ySww69W0BQ?hl=en-US&gl=US&ceid=US%3Aen
Title: Another 67 coronavirus cases reported on Diamond Princess cruise ship

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMISviwIw-Mks?hl=en-US&gl=US&ceid=US%3Aen
Title: New York Post

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/2020-election/2020/02/15/poll-bernie-sanders-doubles-support-in-texas-ahead-of-super-tuesday/
Title: POLL: BERNIE DOUBLES SUPPORT IN TEXAS AHEAD OF SUPER TUESDAY…

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/02/15/bernie-sanders-gaining-joe-biden-south-carolina/
Title: GAINING ON JOE BIDEN IN SOUTH CAROLINA

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/author/hannah-bleau/
Title: HANNAH BLEAU

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/clips/2020/02/15/clift-not-sure-biden-can-count-on-black-voters-very-dramatic-if-he-makes-a-comeback/
Title: CLIFT: ‘NOT SURE’ BIDEN CAN COUNT ON BLACK VOTERS – ‘VERY DRAMATIC’ IF HE MAKES A COMEBACK

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/author/ian-hanchett/
Title: IAN HANCHETT

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/clips/2020/02/15/grenell-trumps-tweeting-makes-my-job-so-much-easier/
Title: GRENELL: TRUMP’S TWEETING ‘MAKES MY JOB SO MUCH EASIER’

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/crime/2020/02/15/stormy-daniels-guilty-verdict-reveals-michael-avenattis-true-character/
Title: STORMY DANIELS: GUILTY VERDICT REVEALS MICHAEL AVENATTI’S ‘TRUE CHARACTER’

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/author/amy-furr/
Title: AMY FURR

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/crime/2020/02/15/french-tourist-slashed-in-the-neck-in-random-attack-in-new-york-city/
Title: FRENCH TOURIST SLASHED IN THE NECK IN RANDOM ATTACK IN NEW YORK CITY

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/author/katherine-rodriguez/
Title: KATHERINE RODRIGUEZ

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/02/15/john-legend-chrissy-teigen-use-private-jet-to-grab-valentines-day-dinner/
Title: GLOBAL WARMING HARDLINER JOHN LEGEND, CHRISSY TEIGEN USE PRIVATE JET TO GRAB VALENTINES DAY DINNER17

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/02/15/pew-study-reveals-massive-gop-dem-divide-over-climate-change/
Title: PEW STUDY REVEALS MASSIVE GOP-DEM DIVIDE OVER CLIMATE CHANGE8

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/02/15/melania-trump-is-the-queen-of-hearts-in-red-leather-trench/
Title: FASHION NOTES: MELANIA IS THE QUEEN OF HEARTS IN RED LEATHER TRENCH5

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/local/2020/02/15/woman-receives-flowers-every-valentines-day-late-husband/
Title: WOMAN RECEIVES FLOWERS EVERY VALENTINE’S DAY FROM LATE HUSBAND1

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/02/14/minnesota-considers-bill-against-hair-discrimination/
Title: MINNESOTA CONSIDERS BILL AGAINST HAIR DISCRIMINATION569

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/local/2020/02/15/kentucky-to-pay-atheist-groups-150k-for-denying-im-god-license-plate/
Title: KENTUCKY TO PAY ATHEIST GROUPS $150K FOR DENYING ‘IM GOD’ LICENSE PLATE6

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/02/15/wsj-elites-enthusiasm-for-transgenderism-endangers-gay-lesbian-youth/
Title: WSJ: ELITES’ ENTHUSIASM FOR TRANSGENDERISM ENDANGERS GAY, LESBIAN YOUTH7

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/local/2020/02/15/former-assistant-principal-gets-two-years-probation-for-alleged-sex-with-student/
Title: FORMER ASSISTANT PRINCIPAL GETS TWO YEARS PROBATION FOR ALLEGED SEX WITH STUDENT461

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/02/14/nevada-poll-bernie-sanders-leads-as-five-other-candidates-receive-double-digit-support/#disqus_thread
Title: 167

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/2020-election/2020/02/14/poll-shows-impeachment-torpedoes-hit-joe-biden-not-donald-trump/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/author/john-nolte/
Title: JOHN NOLTE

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/2020-election/2020/02/14/poll-shows-impeachment-torpedoes-hit-joe-biden-not-donald-trump/#disqus_thread
Title: 1,661

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/02/14/las-vegas-newspaper-warns-bernie-sanders-nomination-guarantees-trump-second-term/
Title: Vegas Newspaper Warns Bernie Nomination ‘Guarantees a Trump Second Term’

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/02/14/las-vegas-newspaper-warns-bernie-sanders-nomination-guarantees-trump-second-term/#disqus_thread
Title: 976

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/02/14/house-democrats-push-for-diversity-and-inclusion-ratings-for-banks/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/02/14/house-democrats-push-for-diversity-and-inclusion-ratings-for-banks/#disqus_thread
Title: 2,522

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/2020-election/2020/02/13/rand-paul-slams-youtube-for-removing-video-of-him-supposedly-outing-alleged-whistleblower-eric-ciaramella/
Title: Rand Paul Slams YouTube for Removing Video of Him Outing ‘Whistleblower’

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/2020-election/2020/02/13/rand-paul-slams-youtube-for-removing-video-of-him-supposedly-outing-alleged-whistleblower-eric-ciaramella/#disqus_thread
Title: 125

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/economy/2020/02/14/facebook-cancels-global-marketing-summit-in-san-francisco-over-coronavirus-fears/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/author/john-carney/
Title: JOHN CARNEY

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/economy/2020/02/14/facebook-cancels-global-marketing-summit-in-san-francisco-over-coronavirus-fears/#disqus_thread
Title: 153

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/national-security/2020/02/14/singapore-battles-coronavirus-childrens-rap-song-about-hand-washing/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/national-security/2020/02/14/singapore-battles-coronavirus-childrens-rap-song-about-hand-washing/#disqus_thread
Title: 76

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/border/2020/02/13/mexican-border-state-quarantines-businessman-returning-from-china-for-potential-coronavirus/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/border/2020/02/13/mexican-border-state-quarantines-businessman-returning-from-china-for-potential-coronavirus/#disqus_thread
Title: 61

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/national-security/2020/02/14/vietnam-quarantines-10000-villagers-coronavirus/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/author/john-hayward/
Title: JOHN HAYWARD

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/national-security/2020/02/14/vietnam-quarantines-10000-villagers-coronavirus/#disqus_thread
Title: 861

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/border/2020/02/14/six-cartel-kidnappers-busted-with-mexican-border-city-victim-in-trunk/
Title: Six Cartel Kidnappers Busted with Mexican Border City Victim in Trunk

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/border/2020/02/14/six-cartel-kidnappers-busted-with-mexican-border-city-victim-in-trunk/#disqus_thread
Title: 74

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/europe/2020/02/14/farage-boris-huawei-decision-imperils-intelligence-sharing-trade-deal/
Title: Farage: UK’s Huawei Decision ‘Imperils Intelligence Sharing’

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/europe/2020/02/14/farage-boris-huawei-decision-imperils-intelligence-sharing-trade-deal/#disqus_thread
Title: 255

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/national-security/2020/02/14/venezuela-denounces-u-s-crimes-against-humanity-compares-sanctions-holocaust/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/sports/2020/02/14/former-jaguars-jumbotron-operator-arrested-on-child-porn-charges/
Title: Former Jaguars Jumbotron Operator Arrested on Child Porn Charges

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/author/warner-todd-huston/
Title: WARNER TODD HUSTON

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/sports/2020/02/14/former-jaguars-jumbotron-operator-arrested-on-child-porn-charges/#disqus_thread
Title: 34

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/sports/2020/02/14/dodgers-bellinger-astros-stole-world-series-mvp-from-yankees-judge/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/sports/2020/02/14/dodgers-bellinger-astros-stole-world-series-mvp-from-yankees-judge/#disqus_thread
Title: 348

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/sports/2020/02/14/michael-avenatti-is-convicted-of-trying-to-extort-nike/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/sports/2020/02/14/michael-avenatti-is-convicted-of-trying-to-extort-nike/#disqus_thread
Title: 31

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/02/14/new-hampshire-man-charged-assaulting-teen-maga-hat/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/02/14/new-hampshire-man-charged-assaulting-teen-maga-hat/#disqus_thread
Title: 2,572

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/2020-election/2020/02/14/nolte-media-approved-hate-crimes-against-trump-supporters-explode-post-acquittal/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/2020-election/2020/02/14/nolte-media-approved-hate-crimes-against-trump-supporters-explode-post-acquittal/#disqus_thread
Title: 817

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/02/14/democrats-fundraise-off-anniversary-parkland-shooting/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/02/14/democrats-fundraise-off-anniversary-parkland-shooting/#disqus_thread
Title: 198

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/immigration/2020/02/14/investors-report-admits-florida-e-verify-prods-employers-to-raise-wages/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/immigration/2020/02/14/investors-report-admits-florida-e-verify-prods-employers-to-raise-wages/#disqus_thread
Title: 198

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/tech/2020/02/14/mark-zuckerberg-claims-facebook-is-ready-to-pay-more-taxes-globally/
Title: Mark Zuckerberg Claims Facebook Is Ready to Pay More Taxes Globally

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/tech/2020/02/14/mark-zuckerberg-claims-facebook-is-ready-to-pay-more-taxes-globally/#disqus_thread
Title: 97

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/tech/2020/02/14/california-court-orders-apple-to-pay-employees-for-time-lost-to-bag-searches/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/tech/2020/02/14/california-court-orders-apple-to-pay-employees-for-time-lost-to-bag-searches/#disqus_thread
Title: 200

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/tech/2020/02/14/doj-ohio-man-ran-300-million-bitcoin-money-laundering-scheme/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/tech/2020/02/14/doj-ohio-man-ran-300-million-bitcoin-money-laundering-scheme/#disqus_thread
Title: 180

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/tech/2020/02/14/university-of-utah-offers-students-sexual-pleasure-packs-for-valentines-day/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/tech/2020/02/14/university-of-utah-offers-students-sexual-pleasure-packs-for-valentines-day/#disqus_thread
Title: 711

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/health/2020/02/14/woman-donates-kidney-husband-just-before-valentines-day/
Title: Woman Donates Kidney to Husband Just Before Valentine’s Day

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/health/2020/02/14/woman-donates-kidney-husband-just-before-valentines-day/#disqus_thread
Title: 51

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/health/2020/02/14/louisiana-student-wins-183k-in-lawsuit-against-school/
Title: Louisiana Student Wins $183K in Lawsuit Against School

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/health/2020/02/14/louisiana-student-wins-183k-in-lawsuit-against-school/#disqus_thread
Title: 664

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/tech/2020/02/14/watch-uc-santa-cruz-leftist-attacks-college-republicans-spits-on-american-flag/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/tech/2020/02/14/watch-uc-santa-cruz-leftist-attacks-college-republicans-spits-on-american-flag/#disqus_thread
Title: 3,776

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/the-media/2020/02/14/rap-sheet-389-media-approved-hate-crimes-trump-supporters/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/the-media/2020/02/14/rap-sheet-389-media-approved-hate-crimes-trump-supporters/#disqus_thread
Title: 1,627

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/the-media/2020/02/14/washington-post-whips-up-fear-over-trump-bullying-phenomenon-in-schools/
Title: Wash Post Whips Up Fear over ‘Trump Bullying Phenomenon’ in Schools

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/the-media/2020/02/14/washington-post-whips-up-fear-over-trump-bullying-phenomenon-in-schools/#disqus_thread
Title: 1,116

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/entertainment/2020/02/14/barbra-streisand-trump-directly-responsible-for-growing-hate-against-children/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/entertainment/2020/02/14/barbra-streisand-trump-directly-responsible-for-growing-hate-against-children/#disqus_thread
Title: 8,430

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/clips/2020/02/14/blackburn-dems-will-try-impeachment-again-very-real-possibility-gop-takes-house-back/
Title: Blackburn: Dems Will Try Impeachment Again

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/author/jeffrey-poor/
Title: JEFF POOR

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/clips/2020/02/14/blackburn-dems-will-try-impeachment-again-very-real-possibility-gop-takes-house-back/#disqus_thread
Title: 938

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/02/14/doj-andrew-mccabe-will-not-face-criminal-charges/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/02/14/doj-andrew-mccabe-will-not-face-criminal-charges/#disqus_thread
Title: 17,642

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/02/14/poll-michael-bloomberg-polling-ahead-of-joe-biden-in-florida/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/02/14/poll-michael-bloomberg-polling-ahead-of-joe-biden-in-florida/#disqus_thread
Title: 446

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/economy/2020/02/14/consumer-sentiment-soars-on-improved-optimism-and-best-income-gains-since-1960/
Title: Consumer Sentiment Soars… Best Income Gains Since 1960

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/economy/2020/02/14/consumer-sentiment-soars-on-improved-optimism-and-best-income-gains-since-1960/#disqus_thread
Title: 275

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/the-media/2020/02/14/bankrupt-mcclatchy-spread-tea-party-n-word-hoax/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/the-media/2020/02/14/bankrupt-mcclatchy-spread-tea-party-n-word-hoax/#disqus_thread
Title: 483

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/national-security/2020/02/14/blue-state-blues-iran-war-powers-resolution-a-futile-exercise-in-appeasement/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/national-security/2020/02/14/blue-state-blues-iran-war-powers-resolution-a-futile-exercise-in-appeasement/#disqus_thread
Title: 168

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/national-security/2020/02/14/u-s-navy-seizes-cache-iranian-weapons-bound-yemen/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/national-security/2020/02/14/u-s-navy-seizes-cache-iranian-weapons-bound-yemen/#disqus_thread
Title: 347

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/europe/2020/02/14/leftist-pipeline-protests-shuts-down-canadian-rail-networks/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/02/former-clinton-advisor-warns-mike-bloomberg-before-you-put-hillary-on-your-ticket-better-hire-a-taster/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/02/seen-out-and-about-in-washington-dc-nevertrumper-rick-wilson-meets-peter-strzok-for-lunch/

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/entertainment/2020/02/15/arnold-schwarzenegger-thanks-trump-for-tackling-homeless-epidemic/
Title: SCHWARZENEGGER THANKS TRUMP FOR TACKLING HOMELESS EPIDEMIC

Search URL Search Domain Scan URL

URL: https://www.breitbart.com/politics/2020/02/14/poll-kris-kobach-leads-democrat-candidate-in-kansas-senate-race/
Title: POLL: KRIS KOBACH LEADS DEMOCRAT CANDIDATE IN KANSAS SENATE RACE

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/02/lacked-candor-lied-on-four-separate-occasions-president-trump-responds-to-deep-state-verdict-on-crooked-andrew-mccabe/

Search URL Search Domain Scan URL

URL: https://www.thegatewaypundit.com/2020/02/democrat-privilege-biden-defends-obamas-caged-border-children-over-trumps-caged-border-children-video/

Search URL Search Domain Scan URL

URL: https://apnews.com/ff0b1ea536afd8056d72dee415f5dedd
Title: Ivanka in Abu Dhabi ahead of women’s conference…

Search URL Search Domain Scan URL

URL: https://news.google.com/articles/CAIiEDBHDpeatdqfIHySjbqhEJAqGAgEKg8IACoHCAow1tzJATDnyxUwqK20AQ?hl=en-US&gl=US&ceid=US%3Aen
Title: Bloomberg Buys the Democratic Elite

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMNbcyQEw58sV?hl=en-US&gl=US&ceid=US%3Aen
Title: The Wall Street Journal

Search URL Search Domain Scan URL

URL: https://news.google.com/articles/CAIiEF2AqkeKdlxEcSKNeLmNqBgqFggEKg4IACoGCAowl6p7MN-zCTCOvRU?hl=en-US&gl=US&ceid=US%3Aen
Title: Trevor Noah: Bloomberg talked about black people ‘like they’re crime piñatas’

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBggKMJeqezDfswk?hl=en-US&gl=US&ceid=US%3Aen
Title: The Guardian

Search URL Search Domain Scan URL

URL: http://www.netvibes.com/subscribe.php?url=http://www.orlytaitzesq.com/?feed=rss2

Search URL Search Domain Scan URL

URL: http://add.my.yahoo.com/rss?url=http://www.orlytaitzesq.com/?feed=rss2

Search URL Search Domain Scan URL

URL: http://fusion.google.com/add?feedurl=http://www.orlytaitzesq.com/?feed=rss2

Search URL Search Domain Scan URL

URL: http://www.feedly.com/home#subscription/feed/http://www.orlytaitzesq.com/?feed=rss2

Search URL Search Domain Scan URL

URL: http://www.petition2congress.com/18945/ban-importation-200000-syrian-migrants-us/
Title: PETITION TO CONGRESS: Ban importation of 200,000 Syrian migrants into the US

Search URL Search Domain Scan URL

URL: https://petitions.whitehouse.gov/petition/institute-edward-snowden-national-whistleblower-patriots-against-government-corruption-day/Qhjys2vw

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/117378858973367836955/posts/KuCZfqzLPut
Title: CHANNEL (Google Plus)

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/DrOrlyTV
Title: SUBSCRIBE TO YOUTUBE

Search URL Search Domain Scan URL

URL: http://www.facebook.com/orlytaitz?ref=ts

Search URL Search Domain Scan URL

URL: http://www.orlytaitzforussenate2012.com/donateslogan.html

Search URL Search Domain Scan URL

URL: http://www.orlytaitzforussenate2012.com/donate.html
Title: RunOrlyRun.com

Search URL Search Domain Scan URL

URL: http://www.videospromo.com/
Title: Videography by Barbara Rosenfeld

Search URL Search Domain Scan URL

URL: http://www.washingtonamerica.com/
Title:

Search URL Search Domain Scan URL

URL: http://www.elementsofseo.com/
Title: Elements of SEO

Search URL Search Domain Scan URL

URL: http://www.drewstauffer.com/
Title: Website Design

Search URL Search Domain Scan URL

URL: http://www.alibiproductions.com/html/website-development.html
Title: Accessible Website Development

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://orlytaitzesq.com/ HTTP 301
http://www.orlytaitzesq.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif HTTP 301
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

Request Chain 5

https://www.paypal.com/en_US/i/scr/pixel.gif HTTP 301
https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Request Chain 15

http://www.netvibes.com/img/add2netvibes.gif HTTP 301
https://www.netvibes.com/img/add2netvibes.gif

Request Chain 33

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 40

http://www.youtube.com/embed/OreNM9NDxlE?rel=0 HTTP 307
https://www.youtube.com/embed/OreNM9NDxlE?rel=0

Request Chain 41

http://www.youtube.com/embed/948FBVCqTu4?rel=0 HTTP 307
https://www.youtube.com/embed/948FBVCqTu4?rel=0

Request Chain 45

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=335225539&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=OrlyTaitzEsq.com&utmhid=1423801895&utmr=-&utmp=%2F&utmht=1581809130412&utmac=UA-38912701-1&utmcc=__utma%3D209516236.221892569.1581809130.1581809130.1581809130.1%3B%2B__utmz%3D209516236.1581809130.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=647825390&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=335225539&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=OrlyTaitzEsq.com&utmhid=1423801895&utmr=-&utmp=%2F&utmht=1581809130412&utmac=UA-38912701-1&utmcc=__utma%3D209516236.221892569.1581809130.1581809130.1581809130.1%3B%2B__utmz%3D209516236.1581809130.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=647825390&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 47

http://cloudfront-labs.amazonaws.com/x.png HTTP 302
http://a659604d8e9248bb8d772dd9a43246862.profile.hio50-c2.cloudfront.net/test.png

Request Chain 82

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4; HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4

Request Chain 85

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2; HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2

Request Chain 94

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2; HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2

Request Chain 95

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4; HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4

Request Chain 100

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2

Request Chain 101

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2

Request Chain 102

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4

Request Chain 103

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4

Request Chain 104

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2

Request Chain 105

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2

Request Chain 106

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4

Request Chain 107

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4

Request Chain 108

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4 HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A75d0a588-504a-11ea-a942-1222202f268e;cfp=1;rndc=1581809132;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4

Request Chain 109

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2 HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;apid=1A75a82db0-504a-11ea-83bb-127f7115e3c4;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2

Request Chain 110

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4 HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A75a9399e-504a-11ea-bb8b-12a08556f668;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4

Request Chain 111

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2 HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;apid=1A75a93d7c-504a-11ea-ae4f-12380fdf0cb2;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2

Request Chain 204

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9339919749774457&output=html&h=250&slotname=6912765793&adk=410023260&adf=702193765&w=300&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1581809132931&bpp=19&bdt=39&fdt=83&idt=83&shv=r20200212&cbv=r20190131&ptt=5&saldr=sa&correlator=1869645328009&frm=23&ife=4&pv=2&ga_vid=221892569.1581809130&ga_sid=1581809130&ga_hid=703947145&ga_fc=1&iag=255&icsg=682&nhd=4&dssz=11&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=483&biw=1585&bih=1200&isw=300&ish=250&ifk=1060388250&scr_x=0&scr_y=0&eid=21065304%2C44714170&oid=3&pvsid=62330356637204&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=23&ifi=1&uci=1.kg95tvm4bccm&fsb=1&dtd=93 HTTP 302
https://d2tbmvllb55wxq.cloudfront.net/psa/300.htm

Request Chain 211

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9339919749774457&output=html&h=90&slotname=9866181553&adk=2660574010&adf=702193764&w=728&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1581809132963&bpp=8&bdt=41&fdt=108&idt=108&shv=r20200212&cbv=r20190131&ptt=5&saldr=sa&correlator=1869645328009&frm=23&ife=4&pv=1&ga_vid=221892569.1581809130&ga_sid=1581809130&ga_hid=1798523821&ga_fc=1&iag=255&icsg=682&nhd=4&dssz=11&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=545&ady=16&biw=1585&bih=1200&isw=728&ish=90&ifk=2772832079&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=1377329071833421&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=23&ifi=1&uci=1.yg3i3kg39avf&fsb=1&dtd=118 HTTP 302
https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm

Request Chain 223

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9339919749774457&output=html&h=90&slotname=9866181553&adk=2660574010&adf=702193767&w=728&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1581809133104&bpp=5&bdt=113&fdt=68&idt=68&shv=r20200212&cbv=r20190131&ptt=5&saldr=sa&correlator=1869645328009&frm=23&ife=4&pv=1&ga_vid=221892569.1581809130&ga_sid=1581809130&ga_hid=967733491&ga_fc=1&iag=255&icsg=682&nhd=4&dssz=11&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=11426&biw=1585&bih=1200&isw=728&ish=90&ifk=2772832079&scr_x=0&scr_y=0&eid=44714169&oid=3&pvsid=582932366137888&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=20&bc=23&ifi=1&uci=1.24srx9whnj8v&btvi=1&fsb=1&dtd=77 HTTP 302
https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm

Request Chain 226

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9339919749774457&output=html&h=250&slotname=6912765793&adk=410023260&adf=702193766&w=300&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1581809133132&bpp=6&bdt=76&fdt=97&idt=97&shv=r20200212&cbv=r20190131&ptt=5&saldr=sa&correlator=1869645328009&frm=23&ife=4&pv=1&ga_vid=221892569.1581809130&ga_sid=1581809130&ga_hid=1159831328&ga_fc=1&iag=255&icsg=682&nhd=4&dssz=11&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=973&ady=637&biw=1585&bih=1200&isw=300&ish=250&ifk=1060388250&scr_x=0&scr_y=0&eid=21065304%2C21065305&oid=3&pvsid=847916080866126&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=23&ifi=1&uci=1.56m4kfjv3buw&fsb=1&dtd=120 HTTP 302
https://d2tbmvllb55wxq.cloudfront.net/psa/300.htm

Request Chain 243

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=9u0tWPTsfAbuvS9T-740VfPrKFHusH9Tp719nkRl HTTP 302
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=9u0tWPTsfAbuvS9T-740VfPrKFHusH9Tp719nkRl&apid=1A75d0a588-504a-11ea-a942-1222202f268e

Request Chain 246

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1A75d0a588-504a-11ea-a942-1222202f268e

Request Chain 248

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1A75d0a588-504a-11ea-a942-1222202f268e

Request Chain 250

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=a2y362lt5rVzPLrkZ2yu4m84uuRzbLSwajqKCCoE HTTP 302
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=a2y362lt5rVzPLrkZ2yu4m84uuRzbLSwajqKCCoE&apid=1A75d0a588-504a-11ea-a942-1222202f268e

Request Chain 252

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1A75d0a588-504a-11ea-a942-1222202f268e

Request Chain 254

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=0_Y9FNH3bErLpmpN1_IkGN-rORrL8D0Y1_EDAEYt HTTP 302
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=0_Y9FNH3bErLpmpN1_IkGN-rORrL8D0Y1_EDAEYt&apid=1A75d0a588-504a-11ea-a942-1222202f268e

Request Chain 257

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1A75d0a588-504a-11ea-a942-1222202f268e

Request Chain 258

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=0_Y9FNH3bErLpmpN1_IkGN-rORrL8D0Y1_EDAEYt HTTP 302
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=0_Y9FNH3bErLpmpN1_IkGN-rORrL8D0Y1_EDAEYt&apid=1A75d0a588-504a-11ea-a942-1222202f268e

252 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.orlytaitzesq.com/
Redirect Chain

http://orlytaitzesq.com/
http://www.orlytaitzesq.com/

121 KB
121 KB

641ms
627ms

Document
text/html

35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: af39d3df384d2203268d0632a7ffdc69dbefd6bf1d23ee24ac552d5469e3d730

Request headers

Host: www.orlytaitzesq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Sat, 15 Feb 2020 23:25:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <http://www.orlytaitzesq.com/wp-json/>; rel="https://api.w.org/"
X-Proxy-Cache: MISS
alt-svc: quic=":443"; ma=86400; v="43,39"

Redirect headers

Server: nginx
Date: Sat, 15 Feb 2020 23:25:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Redirect-By: WordPress
Location: http://www.orlytaitzesq.com/
X-Proxy-Cache: MISS
alt-svc: quic=":443"; ma=86400; v="43,39"

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.orlytaitzesq.com/wp-includes/js/ 12 KB
12 KB 239ms
225ms Script
application/javascript 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/wp-includes/js/wp-emoji-release.min.js?ver=5.1.4
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:29 GMT
Last-Modified: Fri, 19 Apr 2019 13:17:13 GMT
Server: nginx
ETag: "2f02-586e1efe2390e"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 12034
X-Proxy-Cache: HIT

GET
H/1.1 200
OK style.min.css
www.orlytaitzesq.com/wp-includes/css/dist/block-library/ 25 KB
25 KB 248ms
235ms Stylesheet
text/css 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/wp-includes/css/dist/block-library/style.min.css?ver=5.1.4
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Fri, 19 Apr 2019 13:17:13 GMT
Server: nginx
ETag: "629a-586e1efe342af"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 25242
X-Proxy-Cache: HIT

GET
H/1.1 200
OK si_captcha.js Show response
www.orlytaitzesq.com/wp-content/plugins/si-captcha-for-wordpress/captcha/ 685 B
998 B 263ms
250ms Script
application/javascript 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/wp-content/plugins/si-captcha-for-wordpress/captcha/si_captcha.js?ver=1581809129
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c52d8ecaada50da7a9739ca285872b431fad51042eccf398e2c2ecad8013880b

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Tue, 06 Mar 2018 19:48:30 GMT
Server: nginx
ETag: "2ad-566c3ba12bf80"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 685
X-Proxy-Cache: MISS

GET
H/1.1 200
OK gweiniClientV1.php Show response
s.gweini.com/ 8 KB
1 KB 302ms
239ms Script
text/html 34.224.175.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://s.gweini.com/gweiniClientV1.php?ClientID=PUB_ID&group=GPOrlyTaitz
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 34.224.175.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-175-58.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 070d4dea9892475272d9fa96611644f5cdb3abdc8bc1e5124e80ad7c8daca3ba

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Content-Length: 1140
Content-Type: text/html; charset=UTF-8

GET
H2

200

btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/
Redirect Chain

https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

3 KB
3 KB

85ms
23ms

Image
image/gif

151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

fbaa02863040d15c4410d572c4d213c2b8c75425279c5a01672c6ff86fd9d6c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 23:25:29 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 2486307
x-cache: HIT, HIT
status: 200
x-cache-hits: 2, 15768
strict-transport-security: max-age=31557600
content-encoding: br
x-served-by: cache-lax8629-LAX, cache-fra19122-FRA
last-modified: Fri, 16 Aug 2019 04:57:33 GMT
server: Apache
x-timer: S1581809130.963534,VS0,VE0
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=7776000
accept-ranges: none
expires: Fri, 15 May 2020 23:25:29 GMT

Redirect headers

date: Sat, 15 Feb 2020 23:25:29 GMT
location: https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
strict-transport-security: max-age=63072000
status: 301
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: 37753a4741285
dc: phx-origin-www-1.paypal.com
content-length: 0

GET
H2

200

pixel.gif
www.paypalobjects.com/en_US/i/scr/
Redirect Chain

https://www.paypal.com/en_US/i/scr/pixel.gif
https://www.paypalobjects.com/en_US/i/scr/pixel.gif

43 B
220 B

22ms
22ms

Image
image/gif

151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 2575846
x-cache: HIT, HIT
status: 200
x-cache-hits: 1, 38482
strict-transport-security: max-age=31557600
content-encoding: br
x-served-by: cache-sjc10040-SJC, cache-fra19122-FRA
last-modified: Fri, 16 Aug 2019 04:57:34 GMT
server: Apache
x-timer: S1581809130.014281,VS0,VE0
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=7776000
accept-ranges: none
expires: Fri, 15 May 2020 23:25:30 GMT

Redirect headers

date: Sat, 15 Feb 2020 23:25:29 GMT
location: https://www.paypalobjects.com/en_US/i/scr/pixel.gif
strict-transport-security: max-age=63072000
status: 301
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: fde52c436241c
dc: phx-origin-www-1.paypal.com
content-length: 0

GET
H/1.1 200
OK 1Apple3b.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/11/ 41 KB
42 KB 119ms
119ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/11/1Apple3b.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a3ef56776059c63a9cfc3942da96551853ab111d06ddb378a086c1ee77141283

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: nginx
ETag: "a4d6-4f5f40a459400"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 42198
X-Proxy-Cache: HIT

GET
H/1.1 200
OK 1Office4a.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/11/ 34 KB
34 KB 116ms
115ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/11/1Office4a.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1665506ab8c83c485ed0a0b961e152b4208458f871b04399ffc5018baf316200

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: nginx
ETag: "861a-4f5f40a459400"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 34330
X-Proxy-Cache: HIT

GET
H2 200 fad366edf0d6c6c8c4a2e6ae020f66b0
s.yimg.com/uu/api/res/1.2/.VpzLG9jNE3kTZkrSqK6dQ--~B/Zmk9c3RyaW07aD0yNDY7cHlvZmY9MDtxPTgwO3c9NDQwO3NtPTE7YXBwaWQ9eXRhY2h5b24-/https://media.zenfs.com/EN/business_insider_articles_888/ 14 KB
14 KB 53ms
16ms Image
image/jpeg 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/uu/api/res/1.2/.VpzLG9jNE3kTZkrSqK6dQ--~B/Zmk9c3RyaW07aD0yNDY7cHlvZmY9MDtxPTgwO3c9NDQwO3NtPTE7YXBwaWQ9eXRhY2h5b24-/https://media.zenfs.com/EN/business_insider_articles_888/fad366edf0d6c6c8c4a2e6ae020f66b0

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

51269386926cfc97525fdc4d55317d70f3664d65a4c13e4eef95e2ba0d72f734

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-server-time-total: 677812
date: Sat, 15 Feb 2020 18:05:04 GMT
x-content-type-options: nosniff
x-server-time-fetchimage: 33374
age: 19227
x-server-processor: opencv
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
status: 200
x-image-height: 246
content-length: 13851
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-image-width: 440
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 15 Feb 2020 18:02:35 GMT
server: ATS
etag: "f856298ac0023fdb9ab5f9e192a10d71"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: image/jpeg
x-server-time-process: 643993
content-disposition: inline; filename=fad366edf0d6c6c8c4a2e6ae020f66b0.jpg
cache-control: max-age=2592000, no-transform, public

GET
H2 200 IMG_9451-1-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 7 KB
7 KB 90ms
70ms Image
image/jpeg 2606:4700:20::681a:aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/IMG_9451-1-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01477f6ccbc3484283dbba1f6f57b3a849b3b2ace00588213270d9ce9554703c

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
cf-cache-status: HIT
age: 12161
cf-polished: origSize=7151
status: 200
content-length: 6747
last-modified: Sat, 15 Feb 2020 19:46:04 GMT
server: cloudflare
etag: "5e484a7c-1bef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 565b0a987aa11f2d-FRA
cf-bgj: imgq:85

GET
H2 200 rick-wilson-peter-strzok-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 10 KB
11 KB 168ms
159ms Image
image/jpeg 2606:4700:20::681a:aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/rick-wilson-peter-strzok-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da2f2e14d9f154b226c2f343a8556357e6ec71fbbce057610dca046a420356a9

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
cf-cache-status: HIT
age: 6880
cf-polished: degrade=85, origSize=16133
status: 200
content-length: 10718
last-modified: Sat, 15 Feb 2020 21:07:30 GMT
server: cloudflare
etag: "5e485d92-3f05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 565b0a987aa31f2d-FRA
cf-bgj: imgq:85

GET
H2 200 deep-state-escaping-justice-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 14 KB
14 KB 127ms
118ms Image
image/jpeg 2606:4700:20::681a:aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/deep-state-escaping-justice-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eac3021d12af1948bb737f365a9c94716f36da22cde3b5314c36f9dee2b81398

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
cf-cache-status: HIT
age: 20185
cf-polished: degrade=85, origSize=19472
status: 200
content-length: 14552
last-modified: Sat, 15 Feb 2020 00:11:44 GMT
server: cloudflare
etag: "5e473740-4c10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 565b0a987aa51f2d-FRA
cf-bgj: imgq:85

GET
H2 200 obama-cages-360x188.jpg
www.thegatewaypundit.com/wp-content/uploads/ 18 KB
19 KB 139ms
130ms Image
image/jpeg 2606:4700:20::681a:aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thegatewaypundit.com/wp-content/uploads/obama-cages-360x188.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55084a8b55b1a339eef4b0b3c8144b48bd1f63dff4099704e8b598601c0b5d47

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
cf-cache-status: HIT
age: 18633
cf-polished: status=not_needed
status: 200
content-length: 18873
last-modified: Sun, 24 Jun 2018 19:32:38 GMT
server: cloudflare
etag: "5b2ff1d6-49b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 565b0a987aa61f2d-FRA
cf-bgj: imgq:85

GET
H2 200 EQ1IHIpUEAAG4Hr
pbs.twimg.com/media/ 83 KB
83 KB 30ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EQ1IHIpUEAAG4Hr?format=jpg&name=small

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4185) /

Resource Hash

163751a90018d686f4631e72fe3ffb8133a3e9a548b6a4372bdc5dd3a9d5f906

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
x-content-type-options: nosniff
age: 24911
x-cache: HIT
status: 200
content-length: 84721
x-response-time: 274
surrogate-key: media media/bucket/7 media/1228717560759062528
last-modified: Sat, 15 Feb 2020 16:25:49 GMT
server: ECS (fcn/4185)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8fb8740d32a3045da8ca81d65c98265c
accept-ranges: bytes

GET
H/1.1 200
OK rss.png
www.orlytaitzesq.com/wp-includes/images/ 608 B
907 B 129ms
126ms Image
image/png 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-includes/images/rss.png
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Sun, 05 Jan 2014 06:00:00 GMT
Server: nginx
ETag: "260-4ef32da7ef800"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 608
X-Proxy-Cache: HIT

GET
H2

200

add2netvibes.gif
www.netvibes.com/img/
Redirect Chain

http://www.netvibes.com/img/add2netvibes.gif
https://www.netvibes.com/img/add2netvibes.gif

832 B
965 B

123ms
30ms

Image
image/gif

193.189.143.34
TYPHON-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.netvibes.com/img/add2netvibes.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 193.189.143.34 Ankara, Turkey, ASN34948 (TYPHON-AS, FR),
Reverse DNS: www.netvibes.com
Software: nginx /
Resource Hash: 5bf4f0187f8b56b1ecd95eb89dc1cd74ce4c54c9abc47899b2eaa0370b5fff19

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
x-slb: slb3
last-modified: Fri, 03 Apr 2015 14:18:16 GMT
server: nginx
content-type: image/gif
status: 200
x-men: web2
accept-ranges: bytes
content-length: 832

Redirect headers

Location: https://www.netvibes.com/img/add2netvibes.gif
Date: Sat, 15 Feb 2020 23:25:30 GMT
X-slb: slb1
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK addtomyyahoo4.gif
us.i1.yimg.com/us.yimg.com/i/us/my/ 765 B
2 KB 184ms
16ms Image
image/gif 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software: ATS /
Resource Hash: e68b2d2efd1b7f25593795d295dece45a1f403e8768ca22a945114ca940c18e9

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 07:10:58 GMT
x-amz-meta-created-date: Wed, 14 Nov 2012 17:41:49 GMT
Age: 5847273
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1352914909579380
Content-Length: 765
Connection: keep-alive
x-amz-request-id: 5F90CEBEE2768A4B
x-amz-id-2: SgkJxoBUOg+x3JOD8GK0GQkU6sHqPxt9CRH++SgX20HexUk4H9HiNpTK0/wH/kHA+X8uInOmOQU=
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 17 May 2018 13:30:46 GMT
Server: ATS
ETag: "9652eeb62b03f1fbf4d358ea0ce13107"
Vary: Origin
Content-Type: image/gif
Cache-Control: public,max-age=315360000
Accept-Ranges: bytes
x-amz-meta-x-ysws-access: public
x-amz-meta-mbst-etag: "YM:1:a7bd8e41-25b9-44bf-917e-b7efec483bac0004ce780c98c874"
Expires: Sun, 14 May 2028 13:30:45 GMT

GET
H/1.1 200
OK add.gif
buttons.googlesyndication.com/fusion/ 2 KB
2 KB 22ms
13ms Image
image/gif 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buttons.googlesyndication.com/fusion/add.gif

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4ee009a24925f6617ea25066e34d260d1e5e22352183e261dd36961bb4dd35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Oct 2019 12:00:00 GMT
Server: sffe
Content-Type: image/gif
Cache-Control: private, max-age=31536000
Accept-Ranges: bytes
Content-Length: 2068
X-XSS-Protection: 0
Expires: Sat, 15 Feb 2020 23:25:30 GMT

GET
H/1.1 200
OK feedly.png
www.orlytaitzesq.com/wp-content/uploads/2013/05/ 2 KB
2 KB 118ms
117ms Image
image/png 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2013/05/feedly.png
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b73d4a41b76b1acc0796331a2630d5eef972a94183744384eb237161136945e9

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: nginx
ETag: "67e-4f5f40a459400"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 1662
X-Proxy-Cache: HIT

GET
H/1.1 200
OK Petition2Congress_200px.png
www.orlytaitzesq.com/wp-content/uploads/2015/11/ 4 KB
5 KB 117ms
116ms Image
image/png 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2015/11/Petition2Congress_200px.png
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2f17ce8bab06450f044c8e5a7867bf0d05ec724fa0bfed2e633488d5633ba9d6

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Wed, 18 Nov 2015 19:28:43 GMT
Server: nginx
ETag: "11a9-524d5a676f0c0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 4521
X-Proxy-Cache: HIT

GET
H/1.1 200
OK WethePeople1.jpg
www.orlytaitzesq.com/wp-content/uploads/2013/06/ 25 KB
25 KB 215ms
124ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2013/06/WethePeople1.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 21c4026c2095492e493a113f1774b3a13cf30e19a93a3e346023aa498e750a53

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: nginx
ETag: "636c-4f5f40a459400"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 25452
X-Proxy-Cache: HIT

GET
H/1.1 200
OK Defend.jpeg
www.orlytaitzesq.com/wp-content/uploads/2013/10/ 2 KB
2 KB 121ms
116ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2013/10/Defend.jpeg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d9ab4d66d758c1c98f75d9a386e2efea59838d4ea0d6fc956c1bd7a3889159e2

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Mon, 28 Oct 2013 05:00:00 GMT
Server: nginx
ETag: "7a4-4e9c5f8de7400"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 1956
X-Proxy-Cache: HIT

GET
H/1.1 200
OK Ad-1.jpg
www.orlytaitzesq.com/wp-content/uploads/2013/02/ 44 KB
44 KB 121ms
120ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2013/02/Ad-1.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bb2282739e14d89938d9117cd4ab5bc9252e8f303ec91c8682956a72bb1128d7

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: nginx
ETag: "b03e-4f5f40a459400"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 45118
X-Proxy-Cache: HIT

GET
H/1.1 200
OK OrlyABC1.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/11/ 63 KB
63 KB 116ms
115ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/11/OrlyABC1.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 78e0412848a676ef0f690b7aa8b47f9ff01d023f0a11a7b6f56a738164399c86

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: nginx
ETag: "fc78-4f5f40a459400"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 64632
X-Proxy-Cache: HIT

GET
H/1.1 200
OK 281_DVD-3.jpg
www.orlytaitzesq.com/wp-content/uploads/2014/04/ 46 KB
46 KB 124ms
124ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2014/04/281_DVD-3.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1d68fb29bbb1da59354b9e0fe7639644a42e13d9e0381005f2b15f801916a24a

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: nginx
ETag: "b7b1-4f5f40a459400"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 47025
X-Proxy-Cache: HIT

GET
H/1.1 200
OK appealing-ad.jpg
www.orlytaitzesq.com/images/ 14 KB
15 KB 116ms
116ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/images/appealing-ad.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: dc8d52ba16a8441eeff66731ec05b9f0e3b7c72f323de71ba01af0e85d7360b5

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Sat, 17 Oct 2009 05:00:00 GMT
Server: nginx
ETag: "39ae-4761a62767400"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 14766
X-Proxy-Cache: HIT

GET
H/1.1 200
OK office-ad.jpg
www.orlytaitzesq.com/images/ 14 KB
14 KB 116ms
116ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/images/office-ad.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 42434e578691eac8c007f427b49b962990dd16f8a004acda3a7b2621ac5498d2

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Sat, 17 Oct 2009 05:00:00 GMT
Server: nginx
ETag: "37c3-4761a62767400"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 14275
X-Proxy-Cache: HIT

GET
H/1.1 200
OK fame-small.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/06/ 3 KB
4 KB 125ms
124ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/06/fame-small.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9754802a20e3f412075abbc5d8f1b794001b0cd8ac87441919231de900d818ea

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Thu, 30 Jun 2011 05:00:00 GMT
Server: nginx
ETag: "dca-4a6e6c5ea5400"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 3530
X-Proxy-Cache: HIT

GET
H/1.1 200
OK Obama-bumper-sticker-Thumbnail.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/06/ 13 KB
13 KB 119ms
119ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/06/Obama-bumper-sticker-Thumbnail.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 763fd8be27755874d97df36c07a55674d6ff6b14c4f206a281f7a4df597ca5da

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Tue, 07 Jun 2011 05:00:00 GMT
Server: nginx
ETag: "33d9-4a5181790b400"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 13273
X-Proxy-Cache: HIT

GET
H/1.1 200
OK Washington-America-Ad1.jpg
www.orlytaitzesq.com/wp-content/uploads/2011/08/ 4 KB
4 KB 125ms
124ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2011/08/Washington-America-Ad1.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7fe5a0b02836ac823b358d3dc460a7c133fe356aa3db085d458a64afaf2cefd6

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Thu, 04 Aug 2011 05:00:00 GMT
Server: nginx
ETag: "e95-4a9a6da5c7400"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 3733
X-Proxy-Cache: HIT

GET
H/1.1 200
OK Orlypix1.jpg
www.orlytaitzesq.com/wp-content/uploads/2014/04/ 117 KB
118 KB 116ms
116ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2014/04/Orlypix1.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b1826a7019dde654654a9df41a108cc9b005cfe74a1f233e5517550e9be78201

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Tue, 01 Apr 2014 05:00:00 GMT
Server: nginx
ETag: "1d503-4f5f40a459400"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 120067
X-Proxy-Cache: HIT

GET
H/1.1 200
OK wp-embed.min.js Show response
www.orlytaitzesq.com/wp-includes/js/ 1 KB
2 KB 117ms
116ms Script
application/javascript 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/wp-includes/js/wp-embed.min.js?ver=5.1.4
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Thu, 13 Dec 2018 03:28:02 GMT
Server: nginx
ETag: "57b-57cdee6e67480"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 1403
X-Proxy-Cache: HIT

GET
H/1.1 200
OK style.css
www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/ 13 KB
13 KB 125ms
124ms Stylesheet
text/css 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1d001ffd8d372613954fdc500d03d6e0c0149dad92455fbde0bb1ecb93f2702b

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Wed, 20 Jul 2016 17:35:21 GMT
Server: nginx
ETag: "3333-53814a0278840"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 13107
X-Proxy-Cache: HIT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 7049
date: Sat, 15 Feb 2020 21:28:01 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17168
expires: Sat, 15 Feb 2020 23:28:01 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 109ms
20ms Script
text/javascript 143.204.94.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.94.77 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-77.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Jun 2019 00:49:06 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 21335785
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
Connection: keep-alive
X-Amz-Cf-Id: ozf-9dJJpqzbKOX960TIh0HCOip1NjEsDeYrWrM-4sO_PEVBFkSm6Q==

GET
H/1.1 200
OK gweiniV1_6_1.min.js Show response
fs.gweini.com/ 15 KB
16 KB 86ms
27ms Script
application/javascript 143.204.94.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://fs.gweini.com/gweiniV1_6_1.min.js
Requested by: Host: s.gweini.com
URL: http://s.gweini.com/gweiniClientV1.php?ClientID=PUB_ID&group=GPOrlyTaitz
Protocol: HTTP/1.1
Server: 143.204.94.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-125.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c60536e1387fd63f18755c87e9028bc138c1cb11fc77a64a159777aae49a12b5

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 20:09:39 GMT
Via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
Last-Modified: Tue, 28 Jan 2020 19:47:21 GMT
Server: AmazonS3
Age: 11752
ETag: "e7bb56484553f1223fea5d70ca7104f4"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
X-Amz-Cf-Pop: FRA50-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15682
X-Amz-Cf-Id: W-CSf2ol-gguiCMsbsOp6sptnIlYw9boeLffpSZNjrk8ItlTNHjV6A==

GET
H/1.1 200
OK Masthead_Orly_960x244_DOFF.jpg
www.orlytaitzesq.com/wp-content/uploads/2016/06/ 52 KB
52 KB 122ms
121ms Image
image/jpeg 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/uploads/2016/06/Masthead_Orly_960x244_DOFF.jpg
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8bd58e04a6241a4b4e7af76e95b37e5903d0008f80ec81926b907eaa8550e458

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Sat, 11 Jun 2016 15:48:28 GMT
Server: nginx
ETag: "ce55-5350296194b00"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 52821
X-Proxy-Cache: HIT

GET
H/1.1 200
OK top.gif
www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/ 51 B
348 B 240ms
236ms Image
image/gif 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/top.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cec0576649667442f929687c183661c292799cb7f46b8e846f80ac0aed007d74

Request headers

Referer: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Wed, 11 Apr 2012 05:00:00 GMT
Server: nginx
ETag: "33-4bd601c879400"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 51
X-Proxy-Cache: HIT

GET
H/1.1 200
OK ul-bullet.gif
www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/ 140 B
438 B 237ms
224ms Image
image/gif 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/ul-bullet.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 87ecb1f5bf30a4f019788a64ac0bc004176a28a539eb37bef3db06e1e44e0351

Request headers

Referer: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Wed, 11 Apr 2012 05:00:00 GMT
Server: nginx
ETag: "8c-4bd601c879400"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 140
X-Proxy-Cache: HIT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 57ms
22ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1a4dee2269258e980cfbc6965cca52520d51b0cf399cef6218e123c7620cafdc

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Content-Encoding: gzip
X-Cache: HIT, HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 29101
X-Served-By: cache-bwi5122-BWI, cache-fra19128-FRA
Last-Modified: Wed, 05 Feb 2020 23:55:53 GMT
Etag: "d6438f3ded1a231e0c47db28e12b2834+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
Accept-Ranges: bytes
TW-CDN: FT

GET
H2

200

OreNM9NDxlE
www.youtube.com/embed/ Frame 08EC
Redirect Chain

http://www.youtube.com/embed/OreNM9NDxlE?rel=0
https://www.youtube.com/embed/OreNM9NDxlE?rel=0

0
0

123ms
123ms

Document
text/html

2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/OreNM9NDxlE?rel=0

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/OreNM9NDxlE?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
x-content-type-options: nosniff
content-encoding: br
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
cache-control: no-cache
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date: Sat, 15 Feb 2020 23:25:30 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=kS9cspQAYDo; path=/; domain=.youtube.com; secure; expires=Thu, 13-Aug-2020 23:25:30 GMT; httponly; samesite=None YSC=Yb3AaKPONb8; path=/; domain=.youtube.com; httponly VISITOR_INFO1_LIVE=kS9cspQAYDo; path=/; domain=.youtube.com; secure; expires=Thu, 13-Aug-2020 23:25:30 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sat, 15-Feb-2020 23:55:30 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

Location: https://www.youtube.com/embed/OreNM9NDxlE?rel=0
Non-Authoritative-Reason: HSTS

GET
H2

200

948FBVCqTu4
www.youtube.com/embed/ Frame AA5E
Redirect Chain

http://www.youtube.com/embed/948FBVCqTu4?rel=0
https://www.youtube.com/embed/948FBVCqTu4?rel=0

0
0

65ms
65ms

Document
text/html

2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/948FBVCqTu4?rel=0

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/948FBVCqTu4?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: no-cache
content-encoding: br
strict-transport-security: max-age=31536000
date: Sat, 15 Feb 2020 23:25:30 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=5xT0RF5jCqw; path=/; domain=.youtube.com; secure; expires=Thu, 13-Aug-2020 23:25:30 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sat, 15-Feb-2020 23:55:30 GMT YSC=EE9pR7kkNmg; path=/; domain=.youtube.com; httponly VISITOR_INFO1_LIVE=5xT0RF5jCqw; path=/; domain=.youtube.com; secure; expires=Thu, 13-Aug-2020 23:25:30 GMT; httponly; samesite=None
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

Location: https://www.youtube.com/embed/948FBVCqTu4?rel=0
Non-Authoritative-Reason: HSTS

GET
H/1.1 404
Not Found /
www.petition2congress.com/9026/start-immediate-investigation-barack-obamas-use-forged-ids-ct-ssn/wt/ Frame E71F 0
0 250ms
218ms Document
text/html 54.209.86.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.petition2congress.com/9026/start-immediate-investigation-barack-obamas-use-forged-ids-ct-ssn/wt/?src=widget
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 54.209.86.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-86-7.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Host: www.petition2congress.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.orlytaitzesq.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.orlytaitzesq.com/

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 740
Connection: keep-alive
Server: Apache
Cache-Control: no-cache, private

GET
H/1.1 200
OK bullet.gif
www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/ 49 B
346 B 125ms
124ms Image
image/gif 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/bullet.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2ef3c331d5dd8cfd7cd4fa8afc1f482b8ba4a8e00a8e110ae7f70e0a6a8e5fe2

Request headers

Referer: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Wed, 11 Apr 2012 05:00:00 GMT
Server: nginx
ETag: "31-4bd601c879400"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 49
X-Proxy-Cache: HIT

GET
H/1.1 200
OK foot.gif
www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/ 50 B
347 B 119ms
119ms Image
image/gif 35.209.63.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/images/foot.gif
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.209.63.6 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.63.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b664ef8817f547a6910ae600ea85db4bded2986e4f369f9b7ae5047a0cc81b51

Request headers

Referer: http://www.orlytaitzesq.com/wp-content/themes/elements-of-seo_1.4/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Last-Modified: Wed, 11 Apr 2012 05:00:00 GMT
Server: nginx
ETag: "32-4bd601c879400"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 50
X-Proxy-Cache: HIT

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=335225539&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=O...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=335225539&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=...

35 B
101 B

18ms
13ms

Image
image/gif

2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=335225539&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=OrlyTaitzEsq.com&utmhid=1423801895&utmr=-&utmp=%2F&utmht=1581809130412&utmac=UA-38912701-1&utmcc=__utma%3D209516236.221892569.1581809130.1581809130.1581809130.1%3B%2B__utmz%3D209516236.1581809130.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=647825390&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=335225539&utmhn=www.orlytaitzesq.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=OrlyTaitzEsq.com&utmhid=1423801895&utmr=-&utmp=%2F&utmht=1581809130412&utmac=UA-38912701-1&utmcc=__utma%3D209516236.221892569.1581809130.1581809130.1581809130.1%3B%2B__utmz%3D209516236.1581809130.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=647825390&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
551 B 84ms
20ms Image
image/gif 13.225.78.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=OrlyTaitzEsq.com&time=1581809130513&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&random_number=263962614&sess_cookie=6f20552d1704b2bdc1025314311&sess_cookie_flag=1&user_cookie=6f20552d1704b2bdc1025314311&user_cookie_flag=1&dynamic=true&domain=orlytaitzesq.com&account=FEYuj1aAkN00q1&jsv=20130128&user_lang=en-US
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.28 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 15 Feb 2020 09:06:53 GMT
Via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-meta-alexa-last-modified: 20110117123941
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 92351
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: MsBYdr69b930bc_5jfIMpSbu6qRCm6nd2V7pNNVrQ7y29Y_E2cbGBQ==

GET
H/1.1

200
OK

test.png
a659604d8e9248bb8d772dd9a43246862.profile.hio50-c2.cloudfront.net/
Redirect Chain

http://cloudfront-labs.amazonaws.com/x.png
http://a659604d8e9248bb8d772dd9a43246862.profile.hio50-c2.cloudfront.net/test.png

58 B
58 B

354ms
334ms

Image
text/plain

54.240.172.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a659604d8e9248bb8d772dd9a43246862.profile.hio50-c2.cloudfront.net/test.png
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 54.240.172.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-172-10.hio50.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:31 GMT
Via: 1.1 38e44b0b4251fbfb70eb0f304e9558fb.cloudfront.net (CloudFront)
Server: CloudFront
X-Cache: RoutingProfileExp from cloudfront
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 58
X-Amz-Cf-Id: 1Zg20-BfpTyhuN7jRH-MmpzFurNYaoBynRnQdYD_xgAE7djCauZBsw==
Expires: Sat, 15 Feb 2020 23:25:31 GMT

Redirect headers

Access-Control-Allow-Origin: *
Date: Sat, 15 Feb 2020 23:25:30 GMT
Server: Server
Content-Length: 0
Location: http://a659604d8e9248bb8d772dd9a43246862.profile.hio50-c2.cloudfront.net/test.png

GET
H2 200 widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html
platform.twitter.com/widgets/ Frame C644 0
0 70ms
22ms Document
text/html 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html?origin=http%3A%2F%2Fwww.orlytaitzesq.com
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html?origin=http%3A%2F%2Fwww.orlytaitzesq.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
last-modified: Wed, 05 Feb 2020 23:46:01 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "9fa476ae827f556d5b037fe43632370d+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Sat, 15 Feb 2020 23:25:30 GMT
x-served-by: cache-iad2132-IAD, cache-fra19169-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 5825

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame 3BA4 8 KB
3 KB 260ms
246ms Script
text/html 40.84.148.247
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ads3.mthsense.com/RenderAd.aspx?id=727&width=728&height=90
Requested by: Host: fs.gweini.com
URL: http://fs.gweini.com/gweiniV1_6_1.min.js
Protocol: HTTP/1.1
Server: 40.84.148.247 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 28d76f867bf1d931ef2073f8b87f297cbfd2b4477258d67f029d7f3ba8bae58e

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 3031

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame 3305 8 KB
3 KB 259ms
246ms Script
text/html 40.84.148.247
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ads3.mthsense.com/RenderAd.aspx?id=732&width=300&height=250
Requested by: Host: fs.gweini.com
URL: http://fs.gweini.com/gweiniV1_6_1.min.js
Protocol: HTTP/1.1
Server: 40.84.148.247 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 37793007ece21aec21516a43c2dbee50c5a8223738edd30fc1c1cb0533a347e9

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 3034

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame 00F6 8 KB
3 KB 264ms
251ms Script
text/html 40.84.148.247
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ads3.mthsense.com/RenderAd.aspx?id=733&width=300&height=250
Requested by: Host: fs.gweini.com
URL: http://fs.gweini.com/gweiniV1_6_1.min.js
Protocol: HTTP/1.1
Server: 40.84.148.247 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dde0677c0b0db11379d66827895724d5fb5b196ecb1dc01c0dcfd920e0db094b

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:29 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 3034

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame 89DF 8 KB
3 KB 260ms
246ms Script
text/html 40.84.148.247
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://ads3.mthsense.com/RenderAd.aspx?id=729&width=728&height=90
Requested by: Host: fs.gweini.com
URL: http://fs.gweini.com/gweiniV1_6_1.min.js
Protocol: HTTP/1.1
Server: 40.84.148.247 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4fef72bbf954883510edf5344dda10f894f2a64cfdff4a3d037b2de76370c71a

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 3031

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
323 B 249ms
192ms Image
image/png 35.173.95.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.lanistaads.com/ServeAd?s=t&AdSize=728x90&SiteID=LCST0701ORLY7281&Zone=ATF&g=65
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.173.95.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-95-229.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 15 Feb 2020 23:25:30 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
transfer-encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
323 B 247ms
191ms Image
image/png 35.173.95.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=LCST0401ORLY3001&Zone=ATF&g=603
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.173.95.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-95-229.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 15 Feb 2020 23:25:29 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
transfer-encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
323 B 263ms
207ms Image
image/png 35.173.95.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=LCST0401ORLY3002&Zone=ATF&g=333
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.173.95.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-95-229.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 15 Feb 2020 23:25:29 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
transfer-encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
317 B 264ms
207ms Image
image/png 35.173.95.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.lanistaads.com/ServeAd?s=t&AdSize=728x90&SiteID=LCST0701ORLY7282&Zone=ATF&g=974
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: HTTP/1.1
Server: 35.173.95.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-95-229.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 15 Feb 2020 23:25:30 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
transfer-encoding: chunked
Content-Type: image/png

GET
H2 200 button.a657e8de41cd5e7b38cde1f36c9ab9c2.js Show response
platform.twitter.com/js/ 7 KB
2 KB 22ms
22ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.a657e8de41cd5e7b38cde1f36c9ab9c2.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8fb0dbd66e3091dd62288e41c7cf318688f865c82235b9b20859f137616b8fb0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 2298
x-served-by: cache-iad2134-IAD, cache-fra19169-FRA
last-modified: Wed, 05 Feb 2020 23:45:52 GMT
etag: "09b3168455e779aae7dfda717bf2c67c+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 tweet_button.7303c29a8108bca4ac5c9ef008ed8164.en.html
platform.twitter.com/widgets/ Frame 9574 0
0 24ms
24ms Document
text/html 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.7303c29a8108bca4ac5c9ef008ed8164.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/tweet_button.7303c29a8108bca4ac5c9ef008ed8164.en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
last-modified: Wed, 05 Feb 2020 23:45:58 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "01d9af497035167f6b7f40b91851b88b+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Sat, 15 Feb 2020 23:25:30 GMT
x-served-by: cache-iad2122-IAD, cache-fra19169-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 12386

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
338 B 133ms
132ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.orlytaitzesq.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1581809130783%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%224a203525%3A1580945701206%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Sat, 15 Feb 2020 23:25:30 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 12f0ba334ec9b7644ba71c810ca16465
x-transaction: 0094c63600ddfcb2
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 4000 277 KB
277 KB 58ms
27ms Script
application/javascript 13.224.197.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: ads3.mthsense.com
URL: http://ads3.mthsense.com/RenderAd.aspx?id=732&width=300&height=250
Protocol: HTTP/1.1
Server: 13.224.197.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-70.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 06:44:15 GMT
Via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 60076
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
X-Amz-Cf-Pop: FRA2-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: nqKiM66pXsiNavQYtISiwRrLB8EHeRVrQqaWKnOuzKWnVJtsX32qgA==

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 4000 43 KB
15 KB 47ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da5938edc872a3bb592689c64b4e09e5dad48fe5f280fc714636a0c405bcc0a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "429 / 903 of 1000 / last-modified: 1581701607"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 14535
X-XSS-Protection: 0
Expires: Sat, 15 Feb 2020 23:25:30 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 7707 277 KB
277 KB 48ms
27ms Script
application/javascript 13.224.197.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: ads3.mthsense.com
URL: http://ads3.mthsense.com/RenderAd.aspx?id=727&width=728&height=90
Protocol: HTTP/1.1
Server: 13.224.197.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-70.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 06:44:15 GMT
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 60076
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
X-Amz-Cf-Pop: FRA2-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: 7W57wYdEYzFwAvEknk6AZBRgg6nl7RvIFWDBmedo6T8-a8Sk_WIPQg==

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 7707 43 KB
15 KB 44ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0630637c1d2b309e9e1eec0755b10affe7d265890cbc467bf733c554cab8bb75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "429 / 212 of 1000 / last-modified: 1581701670"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 14535
X-XSS-Protection: 0
Expires: Sat, 15 Feb 2020 23:25:30 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 2857 277 KB
277 KB 40ms
27ms Script
application/javascript 13.224.197.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: ads3.mthsense.com
URL: http://ads3.mthsense.com/RenderAd.aspx?id=729&width=728&height=90
Protocol: HTTP/1.1
Server: 13.224.197.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-70.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 06:44:15 GMT
Via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 60076
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
X-Amz-Cf-Pop: FRA2-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: 6_YHRH-g_fGtNWSrp6yV3Fu2p3EKR82Y20qrzsHY8Ua7x7AiF2WQeA==

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 2857 43 KB
15 KB 45ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0630637c1d2b309e9e1eec0755b10affe7d265890cbc467bf733c554cab8bb75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "429 / 290 of 1000 / last-modified: 1581701670"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 14535
X-XSS-Protection: 0
Expires: Sat, 15 Feb 2020 23:25:30 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 88EA 277 KB
277 KB 40ms
27ms Script
application/javascript 13.224.197.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: ads3.mthsense.com
URL: http://ads3.mthsense.com/RenderAd.aspx?id=733&width=300&height=250
Protocol: HTTP/1.1
Server: 13.224.197.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-70.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 06:44:15 GMT
Via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 60076
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
X-Amz-Cf-Pop: FRA2-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: tRwsPeP-RWyF_cw8u8i5SjqOmVNmnTXlBjqaOuTkD1rqmlLoGq_HSQ==

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 88EA 43 KB
15 KB 45ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da5938edc872a3bb592689c64b4e09e5dad48fe5f280fc714636a0c405bcc0a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "429 / 770 of 1000 / last-modified: 1581701607"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 14535
X-XSS-Protection: 0
Expires: Sat, 15 Feb 2020 23:25:30 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4000 109 B
171 B 33ms
16ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4000 109 B
778 B 28ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4000 167 KB
61 KB 82ms
34ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62230
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:30 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7707 109 B
171 B 26ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7707 109 B
171 B 22ms
17ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7707 167 KB
61 KB 106ms
65ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js?21065540

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62230
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:30 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 2857 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2857 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2857 167 KB
61 KB 84ms
53ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js?21065540

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62230
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:30 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 88EA 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 88EA 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 88EA 167 KB
61 KB 101ms
74ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62230
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:30 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 4000 0
63 B 62ms
26ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sat, 15 Feb 2020 23:25:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: http://www.orlytaitzesq.com

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 4000 238 B
2 KB 177ms
93ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=http%3A%2F%2Fwww.orlytaitzesq.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=b26c35e3-c50b-412e-a3ab-812af0d7c0c6&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9820592089133535
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: ea9c45b329f37316ffec030f0914953fa25be8db65cdbc9a2b0a65b8213b8865

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 15 Feb 2020 23:25:31 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://www.orlytaitzesq.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=209
Content-Length: 238
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 4000
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4;
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4

0
-1 B

449ms
382ms

XHR

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
access-control-allow-origin: http://www.orlytaitzesq.com
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 204 ortb Show response
bid.contextweb.com/header/ Frame 4000 0
215 B 59ms
21ms XHR
text/plain 74.214.194.133
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
server: envoy
status: 204
cwdl: 22/109
access-control-allow-origin: http://www.orlytaitzesq.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
cw-server: bid-deployment-5d67dcf799-7t4tg

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4000 50 B
746 B 54ms
40ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

HTTP/1.1

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 15 Feb 2020 23:25:33 GMT
X-Proxy-Origin: 82.102.19.133; 82.102.19.133; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.109:80
AN-X-Request-Uuid: ad8c7c3e-c703-4fef-96e6-c38cf233e501
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.orlytaitzesq.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ Frame 7707
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2;
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2

0
-1 B

168ms
109ms

XHR

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2
Requested by: Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
access-control-allow-origin: http://www.orlytaitzesq.com
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 7707 0
63 B 46ms
20ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sat, 15 Feb 2020 23:25:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: http://www.orlytaitzesq.com

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 7707 237 B
2 KB 148ms
68ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588898&size_id=2&rf=http%3A%2F%2Fwww.orlytaitzesq.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=8033a46b-d1bf-4dba-8bae-ab94f4e9bfb1&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7135906379193575
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 9f90970621838df66e46611de4393b1c44b883666f9aff354c494c83bd0dd5b0

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 15 Feb 2020 23:25:31 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://www.orlytaitzesq.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=284
Content-Length: 237
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7707 50 B
746 B 53ms
40ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

HTTP/1.1

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 15 Feb 2020 23:25:33 GMT
X-Proxy-Origin: 82.102.19.133; 82.102.19.133; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.176:80
AN-X-Request-Uuid: bf4c8902-0b4a-4d05-8af0-3eef6d4e3909
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.orlytaitzesq.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 ortb Show response
bid.contextweb.com/header/ Frame 7707 0
214 B 49ms
21ms XHR
text/plain 74.214.194.133
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
server: envoy
status: 204
cwdl: 22/109
access-control-allow-origin: http://www.orlytaitzesq.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
cw-server: bid-deployment-5d67dcf799-65hss

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 2857 50 B
746 B 47ms
34ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

HTTP/1.1

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 15 Feb 2020 23:25:33 GMT
X-Proxy-Origin: 82.102.19.133; 82.102.19.133; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.205:80
AN-X-Request-Uuid: c79d779a-3e34-461f-8542-029a3b6af91d
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.orlytaitzesq.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 ortb Show response
bid.contextweb.com/header/ Frame 2857 0
212 B 36ms
22ms XHR
text/plain 74.214.194.133
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
server: envoy
status: 204
cwdl: 22/109
access-control-allow-origin: http://www.orlytaitzesq.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
cw-server: bid-deployment-5d67dcf799-q6chx

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 2857 0
119 B 30ms
20ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sat, 15 Feb 2020 23:25:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: http://www.orlytaitzesq.com

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 2857 237 B
2 KB 228ms
96ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588898&size_id=2&rf=http%3A%2F%2Fwww.orlytaitzesq.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=afa281e6-4def-4666-a1c9-cccc53ef86cc&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8167005858033671
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 78be3ff1e2a180ed9b9603ebf05e20462300b221395fad02397be1553d06565c

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 15 Feb 2020 23:25:31 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://www.orlytaitzesq.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=408
Content-Length: 237
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ Frame 2857
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2;
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2

0
-1 B

414ms
372ms

XHR

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
access-control-allow-origin: http://www.orlytaitzesq.com
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 88EA
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4;
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4

0
-1 B

423ms
387ms

XHR

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
access-control-allow-origin: http://www.orlytaitzesq.com
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 88EA 238 B
2 KB 195ms
50ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=http%3A%2F%2Fwww.orlytaitzesq.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=e3d29609-7d6b-417f-b0d9-6218e1d10b52&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8185695878654278
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: ab4fb25eca1c647e5db3ffb3d8ba804484f15c7b92687f172a0ada3bc044719c

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 15 Feb 2020 23:25:31 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://www.orlytaitzesq.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=221
Content-Length: 238
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 88EA 50 B
745 B 49ms
25ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

HTTP/1.1

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 15 Feb 2020 23:25:33 GMT
X-Proxy-Origin: 82.102.19.133; 82.102.19.133; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.28:80
AN-X-Request-Uuid: 1b354650-0d17-4329-93f8-228b0728fa85
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.orlytaitzesq.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 ortb Show response
bid.contextweb.com/header/ Frame 88EA 0
373 B 25ms
20ms XHR
text/plain 74.214.194.133
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Feb 2020 23:25:30 GMT
server: envoy
status: 204
cwdl: 22/109
access-control-allow-origin: http://www.orlytaitzesq.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
cw-server: bid-deployment-5d67dcf799-zqj7m

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 88EA 0
63 B 184ms
182ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sat, 15 Feb 2020 23:25:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: http://www.orlytaitzesq.com

GET
H2

302

ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2 Show response
adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ Frame 7707
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidflo...

0
-1 B

370ms
370ms

XHR

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
access-control-allow-origin: http://www.orlytaitzesq.com
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2
access-control-allow-methods: POST,GET,HEAD,OPTIONS
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
status: 302
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2 Show response
adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ Frame 2857
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidflo...

0
-1 B

111ms
111ms

XHR

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
access-control-allow-origin: http://www.orlytaitzesq.com
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2
access-control-allow-methods: POST,GET,HEAD,OPTIONS
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
status: 302
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4 Show response
adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 4000
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidflo...

0
-1 B

118ms
117ms

XHR

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
access-control-allow-origin: http://www.orlytaitzesq.com
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4
access-control-allow-methods: POST,GET,HEAD,OPTIONS
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
status: 302
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4 Show response
adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 88EA
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidflo...

0
-1 B

114ms
113ms

XHR

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
access-control-allow-origin: http://www.orlytaitzesq.com
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4
access-control-allow-methods: POST,GET,HEAD,OPTIONS
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
status: 302
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2 Show response
adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ Frame 7707
Redirect Chain

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidflo...
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidflo...

0
-1 B

421ms
364ms

XHR

152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
access-control-allow-origin: null
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
status: 302
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2 Show response
adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ Frame 2857
Redirect Chain

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidflo...
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidflo...

0
-1 B

427ms
374ms

XHR

152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
access-control-allow-origin: null
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
status: 302
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4 Show response
adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 4000
Redirect Chain

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidflo...
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidflo...

0
-1 B

410ms
374ms

XHR

152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
access-control-allow-origin: null
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
status: 302
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4 Show response
adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 88EA
Redirect Chain

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidflo...
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidflo...

0
-1 B

398ms
363ms

XHR

152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
access-control-allow-origin: null
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
status: 302
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1A75d0a588-504a-11ea-a942-1222202f268e;cfp=1;rndc=1581809132;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 88EA
Redirect Chain

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809130;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidflo...
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A75d0a588-504a-11ea-a942-1222202f268e;cfp=1;rndc=1581809132;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;b...

0
-1 B

375ms
374ms

XHR

152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A75d0a588-504a-11ea-a942-1222202f268e;cfp=1;rndc=1581809132;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:32 GMT
server: nginx
access-control-allow-origin: null
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A75d0a588-504a-11ea-a942-1222202f268e;cfp=1;rndc=1581809132;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:32 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A75d0a588-504a-11ea-a942-1222202f268e;cfp=1;rndc=1581809132;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1A75a82db0-504a-11ea-83bb-127f7115e3c4;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ Frame 7707
Redirect Chain

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidflo...
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;apid=1A75a82db0-504a-11ea-83bb-127f7115e3c4;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;b...

0
-1 B

110ms
109ms

XHR

152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;apid=1A75a82db0-504a-11ea-83bb-127f7115e3c4;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
access-control-allow-origin: null
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;apid=1A75a82db0-504a-11ea-83bb-127f7115e3c4;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:31 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;apid=1A75a82db0-504a-11ea-83bb-127f7115e3c4;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1A75a9399e-504a-11ea-bb8b-12a08556f668;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 4000
Redirect Chain

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidflo...
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A75a9399e-504a-11ea-bb8b-12a08556f668;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;b...

0
-1 B

110ms
109ms

XHR

152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A75a9399e-504a-11ea-bb8b-12a08556f668;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:32 GMT
server: nginx
access-control-allow-origin: null
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A75a9399e-504a-11ea-bb8b-12a08556f668;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:32 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A75a9399e-504a-11ea-bb8b-12a08556f668;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1A75a93d7c-504a-11ea-ae4f-12380fdf0cb2;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ Frame 2857
Redirect Chain

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidflo...
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;apid=1A75a93d7c-504a-11ea-ae4f-12380fdf0cb2;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;b...

0
-1 B

109ms
108ms

XHR

152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;apid=1A75a93d7c-504a-11ea-ae4f-12380fdf0cb2;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:32 GMT
server: nginx
access-control-allow-origin: null
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;apid=1A75a93d7c-504a-11ea-ae4f-12380fdf0cb2;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:32 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;apid=1A75a93d7c-504a-11ea-ae4f-12380fdf0cb2;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1A75a82db0-504a-11ea-83bb-127f7115e3c4;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ Frame 7707 606 B
979 B 141ms
141ms XHR
application/json 152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;apid=1A75a82db0-504a-11ea-83bb-127f7115e3c4;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1302bf97e5ad182;misc=1581809130980;bidfloor=0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 8ede857346e9c519245071cb9a626b4d178d48f4ce39d1b233af284c66d8f5a2

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: null
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:32 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 606
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1A75a9399e-504a-11ea-bb8b-12a08556f668;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 4000 606 B
929 B 141ms
141ms XHR
application/json 152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A75a9399e-504a-11ea-bb8b-12a08556f668;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=1395239d4e6f1e2;misc=1581809130972;bidfloor=0.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 983a4afed5784f11c2393ae863290f4dda4b3860c647d23b52e1d09c8d83d3cf

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: null
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:32 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 606
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1A75a93d7c-504a-11ea-ae4f-12380fdf0cb2;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ Frame 2857 605 B
928 B 143ms
142ms XHR
application/json 152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315969/0/0/ADTECH;apid=1A75a93d7c-504a-11ea-ae4f-12380fdf0cb2;cfp=1;rndc=1581809131;v=2;cmd=bid;cors=yes;alias=13bb7e7b93f1a39;misc=1581809130997;bidfloor=0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 1e433519d956006c715d549cd37ddf3d807e34356e238dc98e80df2b8d0a71bb

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: null
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:32 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 605
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7707 4 KB
3 KB 237ms
237ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2490014838477699&correlator=3786218221582564&output=ldjh&impl=fifs&adsid=NT&eid=21065540%2C21063635%2C21065352%2C21065393%2C21065433&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200215&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=hb_name%3DLCST0701ORLY7281__54%26passback_pb%3D0.20%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1581809132&dt=1581809132232&dlt=1581809130837&idt=226&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adxs=545&adys=16&adks=3753387349&ucis=ip7yrwiqhtil&ifi=1&ifk=3718035668&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ref=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=11&icsg=554&std=0&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=221892569.1581809130&ga_sid=1581809130&ga_hid=390860420&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js?21065540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e159a206a87beed7a6fe403f402c665c2d87940419d13cb0b49088255e9db114

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2341
x-xss-protection: 0
google-lineitem-id: 5218642977
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293814843
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7707 66 KB
24 KB 31ms
31ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js?21065540

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js?21065540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24903
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 7707 0
0 18ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js?21065540
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4000 4 KB
2 KB 220ms
220ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3115741456264101&correlator=3139539944867116&output=ldjh&impl=fifs&adsid=NT&eid=21065379&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200215&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DLCST0401ORLY3001__54%26passback_pb%3D0.40%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1581809132&dt=1581809132264&dlt=1581809130826&idt=228&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adxs=313&adys=483&adks=30620639&ucis=ckv24nrwsk58&ifi=1&ifk=1621562291&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ref=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=11&icsg=554&std=0&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=221892569.1581809130&ga_sid=1581809130&ga_hid=2017216390&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

3c501d6cfb12b6f49c1e49f20852444ce49e02d48c4f43f55963e950f782a0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2189
x-xss-protection: 0
google-lineitem-id: 5219468552
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293843660
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4000 66 KB
24 KB 32ms
30ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24903
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 4000 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2857 4 KB
2 KB 249ms
249ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3669687762090960&correlator=2718616555406267&output=ldjh&impl=fifs&adsid=NT&eid=21065540%2C21065304%2C21065305&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200215&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=hb_name%3DLCST0701ORLY7282__54%26passback_pb%3D0.20%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1581809132&dt=1581809132278&dlt=1581809130850&idt=195&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adxs=429&adys=11426&adks=3698927989&ucis=kruzhz7mwnm5&ifi=1&ifk=3718035668&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ref=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=11&icsg=554&std=0&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=221892569.1581809130&ga_sid=1581809130&ga_hid=1814280168&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js?21065540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

595185e8c2266b939f3cc83df406c3f5312e7f5b5871e40ed8e96e13759e444a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2341
x-xss-protection: 0
google-lineitem-id: 5218642977
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293814429
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2857 66 KB
24 KB 31ms
30ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js?21065540

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js?21065540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24903
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 2857 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js?21065540
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 ADTECH;apid=1A75d0a588-504a-11ea-a942-1222202f268e;cfp=1;rndc=1581809132;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 88EA 606 B
735 B 199ms
198ms XHR
application/json 152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A75d0a588-504a-11ea-a942-1222202f268e;cfp=1;rndc=1581809132;v=2;cmd=bid;cors=yes;alias=13ad70f06c4c7c4;misc=1581809131003;bidfloor=0.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: df090bcd78dc4d08ff54765ce2183abd8e8e4d7521ee8eeab725388a3fe81324

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: null
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:32 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 606
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 88EA 4 KB
2 KB 276ms
275ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1255458214202977&correlator=2747631406517823&output=ldjh&impl=fifs&adsid=NT&eid=21065390%2C21065304%2C21065305&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200215&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DLCST0401ORLY3002__54%26passback_pb%3D0.40%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1581809132&dt=1581809132469&dlt=1581809130856&idt=176&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adxs=973&adys=637&adks=31174620&ucis=xhqpfw52ewn3&ifi=1&ifk=1621562291&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&ref=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=11&icsg=554&std=0&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=221892569.1581809130&ga_sid=1581809130&ga_hid=1482178326&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

0e7a1f5f46bcd6a759131b5146918ed48f03dec9b937c5dfbc5d13bfc94fc4bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2343
x-xss-protection: 0
google-lineitem-id: 5219468552
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293847344
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 88EA 66 KB
24 KB 32ms
30ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24903
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 88EA 0
0 9ms
8ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame E4F5 0
0 36ms
33ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRKFUWHvZTbxj5ewiFnO7aXIopFDpGS11knhT1IpZUxNZJ3DiJq-sZDJlD1JkQT25LNEckzua3isv5p5K5S7guJ6vx6uSjnE7CuGSb5GZ92yghKg3VsWQ4JjekO1aID9M2nFigy_mFsJ8kjT31XlRLdq70CRtfIozCR3iJekZbKbv0HYB_jiFY8OShoRyrKA-Cm25QLBWEEgerNX6cpbCmIZsoWMR639RTVlxoVhCc103aP3md_UO3QghusD8ioD27lSei0aBPdCVSUuat8a4HE5A&sig=Cg0ArKJSzOtKoPBS0ANREAE&urlfix=1&adurl=

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Sat, 15 Feb 2020 23:25:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame E4F5 43 KB
14 KB 32ms
31ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js?21065540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

63a40a9e3989f9099e213206f645aef32d9c041b8fe0a5016999f1701aa76c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "429 / 539 of 1000 / last-modified: 1581701607"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14535
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame E4F5 72 KB
27 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js?21065540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bbe4d4e1a168926c878be73ce8e09b71e70f3823575de43e0623a4e2dfb609d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27600
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7707 74 KB
27 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js?21065540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B8A5 0
0 34ms
33ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIiXGKE6ZFTdncrxdRjAzk5VKX7eWWgEpDZYwIzcNc5dsidvCnyhxNTdhcDeQrlraexGcHXdMqnFQoEgFet6ocBLuNXmwxgFNhUvMfaERMRK-5GdWCE6rsspazP316FIn3oxmHpIROUwzURhOS9H5Ubp2hTTbP4-jmp0_ewvXFIPbEJ2q9pCa-2jTPenvMuAGG_AARo4WlZyRPNoI8w6jStkv3V4gKNmxmuno7TJxWZWsra42RlyaWE3QtpVoWIrfQ9rU8IKAomBsaix9LPrU5HTM&sig=Cg0ArKJSzI0oK8Z2ZSziEAE&urlfix=1&adurl=

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Sat, 15 Feb 2020 23:25:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B8A5 43 KB
14 KB 31ms
31ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

63a40a9e3989f9099e213206f645aef32d9c041b8fe0a5016999f1701aa76c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "429 / 988 of 1000 / last-modified: 1581701607"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14535
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B8A5 72 KB
27 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bbe4d4e1a168926c878be73ce8e09b71e70f3823575de43e0623a4e2dfb609d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27600
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4000 74 KB
27 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1FA9 0
0 35ms
33ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstorITeUaUcWlAWFeC8OOL5cu_NKU2QibfpAgwQ7_RnwcrbdSwGZr4Cg-AxmkUZXKw5IMikBOuIYe8sRBT68nxp8CG6YsKxOTsrfB2xr9Q7Om3WKHEVGH_HMmuvMFADL9sofxiq0BkEq5oif8hXcwpNVXKTnzNKqREmEeKLb0-9TqGjiL3_tmQJN_QyNrbe8HKoSiKf80X-B9cqT_LwjyrEAoa7DVlnYlNTWvYw2loSo6zZNKgPlwELBuvvV9Q2olWC1_j6if6GGQvkY543ihsJIMg&sig=Cg0ArKJSzP7M5-YYabOTEAE&urlfix=1&adurl=

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Sat, 15 Feb 2020 23:25:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1FA9 43 KB
14 KB 32ms
31ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js?21065540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

63a40a9e3989f9099e213206f645aef32d9c041b8fe0a5016999f1701aa76c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "429 / 835 of 1000 / last-modified: 1581701607"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14535
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1FA9 72 KB
27 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js?21065540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bbe4d4e1a168926c878be73ce8e09b71e70f3823575de43e0623a4e2dfb609d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27600
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2857 74 KB
27 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js?21065540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2857 7 KB
6 KB 31ms
18ms XHR
application/json 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020013001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js?21065540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f687a111a0aa3337d09a85c0a032f5c5a9bef169d91538917471aab775dbac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5174
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ Frame E4F5 109 B
778 B 65ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame E4F5 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E4F5 167 KB
61 KB 31ms
31ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62230
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
DATA 200
OK truncated
/ Frame E4F5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2d695ba0ba4d4818f44a8b4bb93bd22def1973a2bdb845e0c6b11dd7407e164

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2857 21 KB
8 KB 44ms
38ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js?21065540

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1580338855439378"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 8104
X-XSS-Protection: 0
Expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
DATA 200
OK truncated
/ Frame B8A5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5170d39a8b6b53a53cfbac8bd21bec78dd051bf94afd598d94e152b935cabec

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1FA9 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd9385b2904c658a9fd6f6456f148310a7a77bd17537b71b42000cdf6f1ce164

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ Frame B8A5 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B8A5 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B8A5 167 KB
61 KB 31ms
30ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62230
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ Frame 1FA9 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1FA9 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1FA9 167 KB
61 KB 31ms
31ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62230
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E4F5 4 KB
2 KB 234ms
234ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3429957818798336&correlator=2086502963012583&output=ldjh&impl=fifs&eid=21065390&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200215&iu_parts=22803534%2CHB_DEFAULT_ADUNIT_PB&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3D38defa13168355cc%3AT%3D1581809132%3AS%3DALNI_MZaYrwZ9eO0lGivOLxLXg7GZDGrkQ&cdm=www.orlytaitzesq.com&bc=23&abxe=1&lmt=1581809132&dt=1581809132680&dlt=1581809132508&idt=167&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adxs=545&adys=16&adks=3312051823&ucis=k5k3sq3wbsyv&ifi=1&ifk=3627238188&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&iag=63&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=12&icsg=682&std=0&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=221892569.1581809130&ga_sid=1581809130&ga_hid=1750120390&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

9e5c8419fde052e39010bbed36fb5bff5f0303ac8b81af4d3004b2f7a2b8ff3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1976
x-xss-protection: 0
google-lineitem-id: 4666443339
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138232667219
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E4F5 66 KB
24 KB 31ms
30ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24903
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame E4F5 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/206/ Frame A70C 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/206/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4624
date: Sat, 15 Feb 2020 23:06:46 GMT
expires: Sun, 14 Feb 2021 23:06:46 GMT
last-modified: Tue, 19 Nov 2019 17:13:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1126
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B8A5 4 KB
2 KB 176ms
176ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1264238453377064&correlator=4202423459055125&output=ldjh&impl=fifs&adsid=NT&eid=21065379%2C21065304%2C21065305&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200215&iu_parts=22803534%2CHB_DEFAULT_ADUNIT_PB&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie=ID%3D38defa13168355cc%3AT%3D1581809132%3AS%3DALNI_MZaYrwZ9eO0lGivOLxLXg7GZDGrkQ&cdm=www.orlytaitzesq.com&bc=23&abxe=1&lmt=1581809132&dt=1581809132709&dlt=1581809132531&idt=173&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adxs=313&adys=483&adks=1855475046&ucis=8v7l8vwoyzg1&ifi=1&ifk=624745926&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&iag=63&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=12&icsg=682&std=0&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=221892569.1581809130&ga_sid=1581809130&ga_hid=813487127&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

a4911d821c9045a9df5cb794dae73e3fee1c922cc6f89ebb927547bf338153c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1988
x-xss-protection: 0
google-lineitem-id: 4666443747
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138232667192
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B8A5 66 KB
24 KB 31ms
31ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24903
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame B8A5 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1FA9 4 KB
2 KB 258ms
258ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=901008891068775&correlator=2142633766785261&output=ldjh&impl=fifs&adsid=NT&eid=21065353%2C21065372%2C21065432&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200215&iu_parts=22803534%2CHB_DEFAULT_ADUNIT_PB&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3D38defa13168355cc%3AT%3D1581809132%3AS%3DALNI_MZaYrwZ9eO0lGivOLxLXg7GZDGrkQ&cdm=www.orlytaitzesq.com&bc=23&abxe=1&lmt=1581809132&dt=1581809132717&dlt=1581809132545&idt=168&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adxs=429&adys=11426&adks=3312051823&ucis=a0xysarxhwvn&ifi=1&ifk=3627238188&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&iag=63&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=12&icsg=682&std=0&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=221892569.1581809130&ga_sid=1581809130&ga_hid=1389010283&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

5bc468ae726c4a72f464dfacef0d9d5d47ac034c1c84c0d75a75406f07e55858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1974
x-xss-protection: 0
google-lineitem-id: 4666443339
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138232667201
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1FA9 66 KB
24 KB 31ms
31ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24903
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 1FA9 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2CD0 0
0 33ms
33ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfSlpNepHaL51Oso6noauaNI_sti4RxcIhjpGHEbd4n9ds6vaH4lDQxtodsF-S5DUdTBuo4s921vhRNS7Xxs9EuORL1vZR1-wqWU049CH8PgtJX3Xp01Ne5Up1h3zYVdLfPW-2y_41ZERuVIR1w4dyxlFNFh-mwSL9cPSI6hIQwVv0e4AfpRL4xMBBFY-or0EaFSFkXJ_iAnLsVj0oYzf1a2jCArejHPbjc8iq_H6l2ElqlHmRV31rJ54yGBtnhg4OtRJmHq7AHfZh4Awx9xIUBhM&sig=Cg0ArKJSzCixK-DODCYTEAE&urlfix=1&adurl=

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Sat, 15 Feb 2020 23:25:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 2CD0 43 KB
14 KB 31ms
30ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

63a40a9e3989f9099e213206f645aef32d9c041b8fe0a5016999f1701aa76c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "429 / 548 of 1000 / last-modified: 1581701607"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14535
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2CD0 72 KB
27 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bbe4d4e1a168926c878be73ce8e09b71e70f3823575de43e0623a4e2dfb609d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27600
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 88EA 74 KB
27 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 88EA 7 KB
5 KB 17ms
17ms XHR
application/json 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020013001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71e0d47a9f2ac448d065aaee41e4d13e6cb564d3e4d22eff2ec8630106324399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5203
x-xss-protection: 0

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 88EA 21 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1580338855439378"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 8104
X-XSS-Protection: 0
Expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ Frame 2CD0 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2CD0 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2CD0 167 KB
61 KB 30ms
30ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62230
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
DATA 200
OK truncated
/ Frame 2CD0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28d62547b15838d078fb7389195fe691c19e7ae938a388b3c5800fdab1cd7e38

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2857 0
227 B 15ms
15ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=206&t=2&li=gpt_2020013001&jk=3669687762090960&bg=!qqmlqbFY27S9j_4R4_cCAAAANFIAAAAImQGZo57jLYsVmklfU2bif6O6hZRJXR_lIANWXF2RrBI4r-nwlVG6N4pHJlYCHNbgIJyqHOBirS49GCwfpW9H9DHgsMcw_rzCNMfiHbHJopRUpl5Cl0Vgc8aUr4SpWDY5cuEJTjA6zmXAvpFoH7PQhZ2et8vjuw2554gcT0xp8mnIjC3rlpot0HeOBjMJF1Qe5hTIxK_cCpfg-WVW3zx5_gNRUTjCO41Nl3jzBQu7Ao-jp0d3kF6VRyWhsMp7_4TA7PCuqvfVaFxWMtCSpRjm2tGT_HAuhzXvb9R-1F-lfa7OVMNwAOAFnq4PshgcL1jeSk_CX-F8LI9P1U6melFdtncxQMBtBrP_ApRvKkkZcYz2n7X1eXzUBTfcVy3YTZzTPTrBlHTdopweMX5HZuq6HRyA9oWMIYOocxvqA_-1Xx_Kze94i7KcpNq_JLcwUzVTaFNUFJe4qUVMf5sR2zOuuZ4owEDcRHT8baDUhVH0LJ19cwECyddfgjnkpycGWBwtzDgLjtr-WVvrB9KRs6Hki60yaJRC6qNsIcZ2zA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:32 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/206/ Frame 5F85 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/206/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4624
date: Sat, 15 Feb 2020 23:06:46 GMT
expires: Sun, 14 Feb 2021 23:06:46 GMT
last-modified: Tue, 19 Nov 2019 17:13:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1126
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2CD0 4 KB
2 KB 154ms
154ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1478551976212238&correlator=2656378335222722&output=ldjh&impl=fifs&adsid=NT&eid=21062889%2C21064624%2C21065166%2C21065305&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200215&iu_parts=22803534%2CHB_DEFAULT_ADUNIT_PB&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie=ID%3Dcf814c605a5deda4%3AT%3D1581809132%3AS%3DALNI_MatgdOJAylJF4GBySHSzbGgeOaMTA&cdm=www.orlytaitzesq.com&bc=23&abxe=1&lmt=1581809132&dt=1581809132846&dlt=1581809132762&idt=79&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adxs=973&adys=637&adks=1855475046&ucis=14e9836c22fd7addaf831b707e7183a3&ifi=1&ifk=624745926&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&iag=63&url=http%3A%2F%2Fwww.orlytaitzesq.com%2F&top=http%3A%2F%2Fwww.orlytaitzesq.com%2F&dssz=12&icsg=682&std=0&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=221892569.1581809130&ga_sid=1581809130&ga_hid=400850457&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

1e683c72bedcd3f2378224f28221593f6af0647bb36489c66c02b7ef0afafc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2003
x-xss-protection: 0
google-lineitem-id: 4666443747
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138232667183
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.orlytaitzesq.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2CD0 66 KB
24 KB 35ms
35ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24903
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 2CD0 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame BF87 0
0 34ms
34ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFbfPhBEgW0FgDUDV8L-eCA7jdfiy3bw_8F-9pGxtlDWTmz02XKW3SKn8qgrfjBxuM2Lnxf0YnjHuk3SBafd3Pw_4aqtqFfp0WMW09va7b8IyYwbNEjwCUYHBnJtPmiYKg451G0SeOw5vp2l2BfF9M1HLk4T3MLiwkJOxJWI-MfpeJzdGMY1tzaQlHwwoJ9BFy1pfTsIchVOo8OJFgzZOdr_n9Xt1q5dWUR64nbh368lDzjqULeZUB4SAP3XEF7gBzGx8iFGAqFmMoeDvfhtPQw8k-rA&sig=Cg0ArKJSzL-mIXLtUJduEAE&urlfix=1&adurl=

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Sat, 15 Feb 2020 23:25:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame BF87 81 KB
30 KB 29ms
24ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8062080c907cea505d90676611df18f37e4a3b381b67536b1d2fd8d284da61d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 1896365216647287824
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 30084
X-XSS-Protection: 0
Expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF87 72 KB
27 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bbe4d4e1a168926c878be73ce8e09b71e70f3823575de43e0623a4e2dfb609d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27600
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B8A5 74 KB
27 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B8A5 7 KB
5 KB 17ms
17ms XHR
application/json 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020013001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7d59cd396f27c191d71c73f12b06c6b329045eba9da96fbb5c23e5449b45a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5130
x-xss-protection: 0

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B8A5 21 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1580338855439378"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 8104
X-XSS-Protection: 0
Expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 88EA 0
58 B 15ms
14ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=206&t=2&li=gpt_2020013001&jk=1255458214202977&bg=!sbKlsqpYV0_08hYIMLYCAAAAM1IAAAAJmQGZauvqXVBlOu1_QxbWFL-kubwwNU-JqW8GqfEJtdMp2IZ0FTPyEpG1dc3gpL2xAZF85QGBL57GJKlwHTxBsBh8DhsDcW6unJwIVZvoLWVndzURH657dRukfCk6VBu1bx5rcrItwC5Qp9s48If3VTURZBgiiwVbrbrpWoKG04YRzh2eaQN-TRt_qZYEGRrtyzHWJFqwLIr5pFA_5w0gsduLMrmSoK3LPmoJJ8WDT4YVl7Blvtn6CUwZEKzlPgGiUPuqxjUGxFLy6J6i49Gyi8Pa2U_jxNhT_x6HPeh0pecpAKTAfeS73v5DY06n0VYr_TOP8izx7CJvNzRoNSd9D4FlDcrbzNpN1UqP3Rabl0EBiCfeODMI1EfBEAdPLWje9kaT0WHhrGqhrYTAk3uXQWnpJb7Jwg4A_i_YWUe9KgqmfeQpOK4WAMeKjBAkKjue5PIPWubFLOCKMpu9H4GFXBmikUtMBZszplNg2B_5jO_ecQaslB-btGkVkCgGtkCctu-5el5sOTBag8OQrl34AGdQge5XfWHv6cziwQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:32 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6366 0
0 35ms
34ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwsumhX3BKYeE8I1E8Nu0LhlW64wspQqFXuHn_2rOa0rv36is1IJZm_qtSzo4Ej0OFZ5iZXlZQE8MmijlfwDyaOWWuGw5zRBJ0lYrowKBDlKo8FuQzt9C4EkWsX3hDIVrvOtwiZagh4y07GlwKJURdE63AP-5RknoEvXTGrIA-FR-dYnp4CZOZkrIdslTCZB2kJizS5SO9sfJPAIuORHe_zb74zj2Lr9JljkfZEqfFlQLU89_i4-OCXppVs1tHnSjxQZN3u8_dpj6Y0YHU3IHkkmbJfA&sig=Cg0ArKJSzACnFoJNLDaJEAE&urlfix=1&adurl=

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Sat, 15 Feb 2020 23:25:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 6366 81 KB
30 KB 25ms
19ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8062080c907cea505d90676611df18f37e4a3b381b67536b1d2fd8d284da61d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 1896365216647287824
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 30084
X-XSS-Protection: 0
Expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6366 72 KB
27 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bbe4d4e1a168926c878be73ce8e09b71e70f3823575de43e0623a4e2dfb609d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27600
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame E4F5 74 KB
27 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame BF87 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame BF87 109 B
171 B 17ms
17ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/ Frame BF87 221 KB
83 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39387ba8fdcd8ed6985a9e6752afe1669f60eaf13bedcf8c3cf968049d1a4f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84527
x-xss-protection: 0
server: cafe
etag: 740724096962296026
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200212/r20190131/ Frame 5284 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200212/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200212/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlKNiPNOA6q0bBJStTKBGHYFexRl4KGhNsw_x4bjxqAqVGV3Msn2HtmPpGa
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 13 Feb 2020 01:43:32 GMT
expires: Thu, 27 Feb 2020 01:43:32 GMT
content-type: text/html; charset=UTF-8
etag: 17772678075199185246
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4496
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 250920
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame BF87 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d7ff730ef94e3bda71e5a01a1bb63ad7ae2d92baf3b053cd2a5056e6ed71416

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 6366 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6366 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/ Frame 6366 221 KB
83 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51306b94354b978995db93f41f35703be797c4ae698013ffac3a20810d1947ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84518
x-xss-protection: 0
server: cafe
etag: 17204687633813293547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Feb 2020 23:25:32 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/206/ Frame 08B9 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/206/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4624
date: Sat, 15 Feb 2020 23:06:46 GMT
expires: Sun, 14 Feb 2021 23:06:46 GMT
last-modified: Tue, 19 Nov 2019 17:13:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1126
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4C68 0
0 34ms
33ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVNlkKOjmnCWmIC5OAEVNPYSeCqdlAqaF6NV1PXVaIPtOi30la5HPA7ktFagixWTi1Bk7B3yQimG6Gv9TWXWqizAs2cnpvWvfjnTqebaWOWb-sejWl9k8FoJdq6OrobygzJuX7uQWGd1X_NHXGEWt44-dHlbxVO87vghshnHL9sko0P7lrZGf8BJiPIK9igPuex_mqzbRatxJlLMbXMsZwrePfd8mjkfDWcNUcJ7xB_NC3uI4PtBtpBINzrVfW1gjcc5RqgbcbEI0JVopaBY2ymuW_Rw&sig=Cg0ArKJSzKrkxXEUkTzGEAE&urlfix=1&adurl=

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Sat, 15 Feb 2020 23:25:33 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 4C68 81 KB
30 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8062080c907cea505d90676611df18f37e4a3b381b67536b1d2fd8d284da61d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 1896365216647287824
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 30084
X-XSS-Protection: 0
Expires: Sat, 15 Feb 2020 23:25:33 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4C68 72 KB
27 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bbe4d4e1a168926c878be73ce8e09b71e70f3823575de43e0623a4e2dfb609d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27600
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:33 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1FA9 74 KB
27 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:33 GMT

GET
DATA 200
OK truncated
/ Frame 6366 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9882089c32b714173bdd245c0e724141a905f06e3f254af6e29527d728a08dc

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

300.htm
d2tbmvllb55wxq.cloudfront.net/psa/ Frame B101
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9339919749774457&output=html&h=250&slotname=6912765793&adk=410023260&adf=702193765&w=300&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.orlyt...
https://d2tbmvllb55wxq.cloudfront.net/psa/300.htm

0
0

82ms
20ms

Document
text/html

13.224.197.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/psa/300.htm
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.197.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-70.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Host: d2tbmvllb55wxq.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: http://www.orlytaitzesq.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/

Response headers

Content-Type: text/html
Content-Length: 160
Connection: keep-alive
Date: Sat, 15 Feb 2020 02:03:22 GMT
Last-Modified: Tue, 24 Oct 2017 16:46:17 GMT
ETag: "289729310fcbc457ec23291fb3982e23"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: _miKk8eA6D56Ihxvixvg_z5i7APRfE7StE6DfbZBVu1l78AotPPmgw==
Age: 76932

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://d2tbmvllb55wxq.cloudfront.net/psa/300.htm
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 15 Feb 2020 23:25:33 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF87 74 KB
27 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:33 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 412F 0
0 34ms
34ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2j3AJqPX5uMxrX_BhDNGECqQJI8Wz5Fyb0lJfQCYOXREbYSAj-Bs_svwW4ClyX1U0RB7_P0SSLJCUuXU2MDlCGrmPXIGnFyoJAgmbUFu3dlymlaPGcvBo1w2LK1OnUwEf6o1nicCiEjhrJopHp2VUAIngXombYKyoAHqwKoO8lWYmZAzlhhdEERpXnTbkho9g7DTBNPUBR6LcMUtUGKkbRIzElSHmkvJGNuvNEeivtZ5nv2hzvYlgO-H-FjGAELHP4ON1kGN3ePc4xZCJEQ4xRNoKWA&sig=Cg0ArKJSzNdMV8674c7oEAE&urlfix=1&adurl=

Requested by

Host: www.orlytaitzesq.com
URL: http://www.orlytaitzesq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Sat, 15 Feb 2020 23:25:33 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 412F 81 KB
30 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8062080c907cea505d90676611df18f37e4a3b381b67536b1d2fd8d284da61d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 1896365216647287824
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 30084
X-XSS-Protection: 0
Expires: Sat, 15 Feb 2020 23:25:33 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 412F 72 KB
27 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bbe4d4e1a168926c878be73ce8e09b71e70f3823575de43e0623a4e2dfb609d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27600
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:33 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2CD0 74 KB
27 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:33 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2CD0 7 KB
5 KB 18ms
18ms XHR
application/json 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020013001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfae362d9057097582b30f17ced2ae19a441d1b6ddf8e84761993f56de3e3527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 15 Feb 2020 23:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5167
x-xss-protection: 0

GET
H/1.1

200
OK

728.htm
d2tbmvllb55wxq.cloudfront.net/psa/ Frame 6B6E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9339919749774457&output=html&h=90&slotname=9866181553&adk=2660574010&adf=702193764&w=728&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.orlyt...
https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm

0
0

89ms
27ms

Document
text/html

13.224.197.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.197.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-70.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Host: d2tbmvllb55wxq.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: http://www.orlytaitzesq.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/

Response headers

Content-Type: text/html
Content-Length: 158
Connection: keep-alive
Date: Sat, 15 Feb 2020 04:54:47 GMT
Last-Modified: Tue, 24 Oct 2017 16:46:17 GMT
ETag: "ad7b75065ec6b24a73a254d232ead673"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: DkcNCXzWEXrx6dLTqOGmiAm8zNPqqc1dz_JKIgK2syiCa9msGOm-AQ==
Age: 66647

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 15 Feb 2020 23:25:33 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6366 74 KB
27 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:33 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4C68 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4C68 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/ Frame 4C68 221 KB
83 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84f5d2003b2ac0a86d10955d833be06c656505a5cc951442d8aa292d18e0069b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84528
x-xss-protection: 0
server: cafe
etag: 16180047908743296753
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Feb 2020 23:25:33 GMT

GET
DATA 200
OK truncated
/ Frame 4C68 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38eed7909397a5461226a98fa5f915b03658ea25061fb3d8ba73ca687eb76e4c

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2CD0 21 KB
8 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1580338855439378"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 8104
X-XSS-Protection: 0
Expires: Sat, 15 Feb 2020 23:25:33 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 412F 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 412F 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.orlytaitzesq.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/ Frame 412F 221 KB
83 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51306b94354b978995db93f41f35703be797c4ae698013ffac3a20810d1947ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84518
x-xss-protection: 0
server: cafe
etag: 17204687633813293547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Feb 2020 23:25:33 GMT

GET
DATA 200
OK truncated
/ Frame 412F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bb10c6a7794ebf8dd38b18ed6f8bc1b20bd329a358dbd14e1094e13a30e3d7d

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B8A5 0
58 B 20ms
14ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=206&t=2&li=gpt_2020013001&jk=1264238453377064&bg=!AwClABhY6SWAyvLeMSICAAAANlIAAAAJmQGfyfTDiM4MDSZI_WEWDGjV_nGk_3YCDnAYOMKnW5HaNhKL7qBuMY2EUIfBEz-CEi1gnwfE8j6Woj5c5_2T9GoDoa4xi_n3VCG3fcGmwNJzhLBlXQJb-HiPpn8GdWve0WenRyqvwxl9Q85JsjIBwmaQaM3YJwEOj0CS-xGv0rtmbDPLOKWLRDkl2-FzfyaQ5A67G8rHjI4cdCrMLN_rzR9aQPGN6gQewhXRvjNWYnaj2kVS8aMsR5bxDahrvp5UmFxH_C5N556p5YdSsYwcHjw-tkqhVlaZQv6DhmLkYBIP6YNDs6HkZ0NJc6lUOd5zoP8hv83kq8itAi-1VF5-nXE3rfJAZJoch3Bep15K2cQFd_RPBKRQhtRYyHpP_nGaEgnMkesX_tX5hLiH6dI0BArIAK-YPfXyJTrXf5yW7vIckXtJgSbEUJ9QzJDBkeEvDvIOZQ18LpF_FMWuRG4xJ4SkcW_zkiv6_-zM82kNE7tdqXPHMYnKmNtq-Cs4PHs_n-SfYaqDtU0ca1wG1O0OSZhV8OMfu63YmBsS1XhPRPWMuA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:33 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

728.htm
d2tbmvllb55wxq.cloudfront.net/psa/ Frame E09D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9339919749774457&output=html&h=90&slotname=9866181553&adk=2660574010&adf=702193767&w=728&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.orlyt...
https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm

0
0

40ms
20ms

Document
text/html

13.224.197.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.197.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-70.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Host: d2tbmvllb55wxq.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: http://www.orlytaitzesq.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/

Response headers

Content-Type: text/html
Content-Length: 158
Connection: keep-alive
Date: Sat, 15 Feb 2020 04:54:47 GMT
Last-Modified: Tue, 24 Oct 2017 16:46:17 GMT
ETag: "ad7b75065ec6b24a73a254d232ead673"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: 1hhsEVx1cpD0MrZGXtxGuDsI4ZrsX-SmHQFt2vGX-9BxXb9ThsCOCQ==
Age: 66647

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://d2tbmvllb55wxq.cloudfront.net/psa/728.htm
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 15 Feb 2020 23:25:33 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4C68 74 KB
27 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:33 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/206/ Frame BCF7 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/206/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4624
date: Sat, 15 Feb 2020 23:06:46 GMT
expires: Sun, 14 Feb 2021 23:06:46 GMT
last-modified: Tue, 19 Nov 2019 17:13:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1127
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1

200
OK

300.htm
d2tbmvllb55wxq.cloudfront.net/psa/ Frame 37D8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9339919749774457&output=html&h=250&slotname=6912765793&adk=410023260&adf=702193766&w=300&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.orlyt...
https://d2tbmvllb55wxq.cloudfront.net/psa/300.htm

0
0

21ms
21ms

Document
text/html

13.224.197.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/psa/300.htm
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.197.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-70.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Host: d2tbmvllb55wxq.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: http://www.orlytaitzesq.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/

Response headers

Content-Type: text/html
Content-Length: 160
Connection: keep-alive
Date: Sat, 15 Feb 2020 02:03:22 GMT
Last-Modified: Tue, 24 Oct 2017 16:46:17 GMT
ETag: "289729310fcbc457ec23291fb3982e23"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: KstPPdtf9nioyvvgRX0D7Shq1mzMIevLxXZuqjXPgy-hz1Wbw27ZRw==
Age: 76932

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://d2tbmvllb55wxq.cloudfront.net/psa/300.htm
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 15 Feb 2020 23:25:33 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 412F 74 KB
27 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 15 Feb 2020 23:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Sat, 15 Feb 2020 23:25:33 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6366 7 KB
5 KB 22ms
22ms XHR
application/json 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200212&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3de49cf7492fffe7e8e068d554a2d6daccf8ab8dd9d14b01dc093111dddde3f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 15 Feb 2020 23:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5252
x-xss-protection: 0

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6366 21 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1580338855439378"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 8104
X-XSS-Protection: 0
Expires: Sat, 15 Feb 2020 23:25:33 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2CD0 0
58 B 14ms
14ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=206&t=2&li=gpt_2020013001&jk=1478551976212238&bg=!AgGlARlYWiKbdBonjW8CAAAAM1IAAAAKmQGfn0DG4SoKBOVfE6GX1GmOXYm5K8aw_7Mj6d6OCF4FK5i_7g3UPf37njZflFYNBnvkbGButpArQEhzksJ0Q4pxDSJhWW_raKnQEVpiFBTA5NPui2bwwFH9ii3TU5rEuh0DHtRZWhzYDIbToP9lUUgmf0T2zCQvgSSIKZCgyjUp-PJqSJkyBvlW903glzZXAEuHAyUIGQpK8B-wwQsLPPLO1MWm7jAriPZpDewB5-sNkGglR_sTO1NRVw6MyylpMr-qrh06PjjOKSJGtl5Mfbms36XQzdZCKdCQBDG7_xk6MaLuac5HgstngxbUgKSblJRUPjAPiouQXSNDtKofqgVrFTBzAOy1B5PbePJkbCRCG87qGzKamQmwKFhb7zYGlCr3weKzNOXxPi348O90mtv13X0XQW8UUzudEaWtA7bu4FDzMmKgdl9Mdwf6PkhsO-gXcw2J3cYWtpmJutoETcSrEHpzHS9eOuUWmcS7hr3VJMXopEIemat9CJHo4C9As_ljVungrd-2z9jL63UPSgfMaiP8tp-ESwQJ7FgHUGGr7A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:33 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/206/ Frame 121A 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/206/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4624
date: Sat, 15 Feb 2020 23:06:46 GMT
expires: Sun, 14 Feb 2021 23:06:46 GMT
last-modified: Tue, 19 Nov 2019 17:13:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1127
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 412F 7 KB
5 KB 18ms
17ms XHR
application/json 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200212&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9491131b778c4d4cac9571b0f9eaf975a13fc75035742941f35da0943ab96f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
Origin: http://www.orlytaitzesq.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 15 Feb 2020 23:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5135
x-xss-protection: 0

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 412F 21 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 15 Feb 2020 23:25:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1580338855439378"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 8104
X-XSS-Protection: 0
Expires: Sat, 15 Feb 2020 23:25:33 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/206/ Frame DC3C 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/206/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://www.orlytaitzesq.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://www.orlytaitzesq.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4624
date: Sat, 15 Feb 2020 23:06:46 GMT
expires: Sun, 14 Feb 2021 23:06:46 GMT
last-modified: Tue, 19 Nov 2019 17:13:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1127
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6366 0
49 B 15ms
14ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=206&t=2&li=gda_r20200212&jk=1377329071833421&bg=!1Nel189YDfb5IoML9QICAAAANFIAAAAJmQGlbffCoMYyczxV0Z14XxcmhmA2F0gqbUcr2Kw0KqxWIeXG3RGaDQcMWoae1W9IpFWWs-prdyjCBRzaufV1AixMjsJs3AL6JYGNwZgMQrqffxVwF2UIeG_whiO9oBvucTOlU4hKnnAdgC9Zmi33NO_YHBDeDg7G9ekOwXcOgdAJGIQNeuBkXJiHXComnKzPm8KVFaYkQGuC_L8UiZmRtyFuEbw36JFcO7-dTxERubYVZ4NCzlJqME9WH_CLYcqdSvc4lFfzPRVG6Zej72ZDCMg5qutHNLvBehhr6sbOEC9_wgpnT9tx-BPqOQg3mX7RjMjtw6oRO6mdBSjknQKDmQ831hQRtiM2ZMcv6T7ajkLKiI9UGvsj-5saHVCfYLBeuc0fVpWzTlSS7yTC2eltGltZ1CYwSbtISTSNLRz9fxCr6sdhVwwysjZkf0YeWg7JRr5B4by_0ltFr3VWsikv4BYE_9Hcebcg8mawbzMIyA_SnbpYK8QZFb-aR2kW3n0S-YRC_tdb4zZgdfN83ZpVPkDhLNB_zzesZvtJIeW3umU3Lz-O8Th0cQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:33 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 412F 0
58 B 14ms
14ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=206&t=2&li=gda_r20200212&jk=847916080866126&bg=!Dg2lDRVYYVqWB1ZR6GgCAAAAMVIAAAAJmQGlDVRDVRo72T_cUX0CG9QHk2baB4xI6NyWb9mVSmI3s7Krh-u4IduoFHhQ_q6yS5nVl-sssHGVUJxseeb-gFwfOrcKqTUA_qJ3X4MplKs-RJzfZZlHPKYMpj5juI1pRcDiPJH8anhHevCint56dssg-PEN9pjwFBM-BWA37usUK0X_IxMTscfr0WaCvgnRznkVh0wV3p3Id8GgU5dezDihb7bwWwFktgivtY8qyJkTNtdOxWhhQn6KXgUEeYvlH4L6p2mKBhsgG9EluFX2Uq0wkkqFqpRTbI3G4LL0qFWQr_2fmIbJAl0W48rWwSLMWZiF2WYGRmQVi0j8pBD0KrtyOZoGTE5RfqAgu8UmSenOo0649LU4kb0j1Ke_pAsQmby4j2sXKuzNd0t3aum1LQ5SCuCqrOAF8z4NC52jIcdvFCDh9rFUqBCLPY6GiKXHxMwZDcsM-czTbbuTff2SVdT8P1eAX7yDWNWVIPvkYGI8RTfuJE8E4KEqhPYsQNbX1dpIpyum1Sak0JLHjMYSNmvmrL8s7p6UCC0fFyQQe3pXrbA2fOP3kw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:33 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E4F5 42 B
115 B 16ms
15ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9pxQfImQz8QVhd1objuHOlEyniXtP7X8uwAE0MX7_foMhiCTAD06LxXxV-h9LbOap-2-WAQGpsOCAPFCuSX7yKHG41zf-RZx2s3woGKU&sig=Cg0ArKJSzEx7WRTnsscOEAE&adk=3753387349&tt=-1&bs=1585%2C1200&mtos=1074,1074,1074,1074,1074&tos=1074,0,0,0,0&p=0,0,90,728&mcvt=1074&rs=0&ht=0&tfs=222&tls=1296&mc=1&lte=0&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1581809132517&dlt&rpt=172&isd=0&msd&ext&xdi=0&ps=1585%2C11567&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-13-4-12-12-0-0-0&tvt=1293&is=728%2C90&iframe_loc=http%3A%2F%2Fwww.orlytaitzesq.com%2F&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:33 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B8A5 42 B
110 B 16ms
15ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMmBpKCpjzmkUU4R7Gte7qhH1LAzIUfs1KHtXVSBIW8Rr7D4eAvMYrEm0JjAmH0AyML8khy_GSqRZKXNl3DUVtWt3vrQ2eBWqbmxH_6UI&sig=Cg0ArKJSzBM_fOOJ-0jJEAE&adk=30620639&tt=-1&bs=1585%2C1200&mtos=1077,1077,1077,1077,1077&tos=1077,0,0,0,0&p=0,0,250,300&gcm=1&lcs=1&mcvt=1077&rs=0&ht=0&tfs=205&tls=1282&mc=1&lte=0&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1581809132536&dlt&rpt=213&isd=0&msd&ext&xdi=0&msp=1&ps=1585%2C11567&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-13-1-12-12-0-0-0&tvt=1283&is=300%2C250&iframe_loc=http%3A%2F%2Fwww.orlytaitzesq.com%2F&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:33 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 2CD0 42 B
110 B 16ms
16ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstC5dnG4K93QB4GamXV7h00UraZ-FKm6C1XR8Yl7LtbByewLIIzHUWskfVhqLqAOdisox15ls3_tkrWaCHjost_1dzNBgeJRaFVT6nt4rc&sig=Cg0ArKJSzJqbw-SAAL3LEAE&adk=31174620&tt=-1&bs=1585%2C1200&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&p=0,0,250,300&mcvt=1016&rs=0&ht=0&tfs=254&tls=1270&mc=1&lte=0&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1581809132765&dlt&rpt=134&isd=0&msd&ext&xdi=0&ps=1585%2C11567&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-13-2-12-12-0-0-0&tvt=1270&is=300%2C250&iframe_loc=http%3A%2F%2Fwww.orlytaitzesq.com%2F&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:34 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BF87 42 B
110 B 20ms
19ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDKOc6uQ-eC7zzh3id-XauqqGzWkCGIHuyEvaYzKTqoIJT3PqNpgs1ILnHmOplGwQTSA9nRZnSkL6WNEUMrGk8z9ehRqvmJHZoYXi2HgA&sig=Cg0ArKJSzEi6vGUeGfKOEAE&adk=1855475046&tt=-1&bs=1585%2C1200&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&p=0,0,250,300&mcvt=1027&rs=0&ht=0&tfs=259&tls=1286&mc=1&lte=0&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1581809132893&dlt&rpt=391&isd=0&msd&ext&xdi=0&ps=1585%2C11567&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-13-3-12-12-0-0-0&tvt=1285&is=300%2C250&iframe_loc=http%3A%2F%2Fwww.orlytaitzesq.com%2F&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:34 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6366 42 B
110 B 16ms
15ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu9HF1XtONpPUJx70neMKx-22DKkZHSpQORXgb-BYlEJA9LoLvATnaQmuLX4UL3YT6tlvV3uqfhoeEssbd0tGvf9uQW68pRWisZMASc5P4&sig=Cg0ArKJSzLeJ_a92CyNsEAE&adk=3312051823&tt=-1&bs=1585%2C1200&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&p=0,0,90,728&mcvt=1033&rs=0&ht=0&tfs=229&tls=1262&mc=1&lte=0&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1581809132924&dlt&rpt=357&isd=0&msd&ext&xdi=0&ps=1585%2C11567&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-13-2-12-12-0-0-0&tvt=1262&is=728%2C90&iframe_loc=http%3A%2F%2Fwww.orlytaitzesq.com%2F&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:34 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 412F 42 B
110 B 16ms
16ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVfPEE8WnJtGtibMqXoKDA26S4bj9Cr4X18I7oSdB22KuriHGngaURqh4Vu_SRTL5ZWr25VF2E6I6t7aL1x6qJD-78znkzg8xjtZW-Qnc&sig=Cg0ArKJSzMRzTLiQCO_IEAE&adk=1855475046&tt=-1&bs=1585%2C1200&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&p=0,0,250,300&mcvt=1015&rs=0&ht=0&tfs=225&tls=1240&mc=1&lte=0&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1581809133058&dlt&rpt=301&isd=0&msd&ext&xdi=0&ps=1585%2C11567&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-13-2-12-12-0-0-0&tvt=1239&is=300%2C250&iframe_loc=http%3A%2F%2Fwww.orlytaitzesq.com%2F&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:34 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55965/ Frame 7707
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=9u0tWPTsfAbuvS9T-740VfPrKFHusH9Tp719nkRl
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=9u0tWPTsfAbuvS9T-740VfPrKFHusH9Tp719nkRl&apid=1A75d0a588-504a-11ea-a942-1222202f268e

0
124 B

21ms
21ms

Image
text/plain

35.157.167.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=9u0tWPTsfAbuvS9T-740VfPrKFHusH9Tp719nkRl&apid=1A75d0a588-504a-11ea-a942-1222202f268e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.167.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-167-170.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Sat, 15 Feb 2020 23:25:35 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Sat, 15 Feb 2020 23:25:35 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=9u0tWPTsfAbuvS9T-740VfPrKFHusH9Tp719nkRl&apid=1A75d0a588-504a-11ea-a942-1222202f268e
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7707 70 B
264 B 125ms
39ms Image
image/gif 52.215.180.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.180.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-180-197.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:35 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H2 200 prebid
bh.contextweb.com/visitormatch/ Frame 7707 49 B
565 B 65ms
21ms Image
image/gif 74.214.194.139
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/visitormatch/prebid

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.214.194.139 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
status: 200
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-6c55bfb4dd-5dxtq
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/56465/ Frame 7707
Redirect Chain

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1A75d0a588-504a-11ea-a942-1222202f268e

0
124 B

66ms
21ms

Image
text/plain

35.157.167.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1A75d0a588-504a-11ea-a942-1222202f268e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.167.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-167-170.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Sat, 15 Feb 2020 23:25:35 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Sat, 15 Feb 2020 23:25:35 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1A75d0a588-504a-11ea-a942-1222202f268e
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4000 70 B
264 B 109ms
39ms Image
image/gif 52.215.180.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.180.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-180-197.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:35 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H2

204

sync
ups.analytics.yahoo.com/ups/56465/ Frame 4000
Redirect Chain

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1A75d0a588-504a-11ea-a942-1222202f268e

0
124 B

66ms
20ms

Image
text/plain

35.157.167.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1A75d0a588-504a-11ea-a942-1222202f268e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.167.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-167-170.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Sat, 15 Feb 2020 23:25:35 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Sat, 15 Feb 2020 23:25:35 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1A75d0a588-504a-11ea-a942-1222202f268e
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 prebid
bh.contextweb.com/visitormatch/ Frame 4000 49 B
556 B 48ms
20ms Image
image/gif 74.214.194.139
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/visitormatch/prebid

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.214.194.139 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
status: 200
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-stage-0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55965/ Frame 4000
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=a2y362lt5rVzPLrkZ2yu4m84uuRzbLSwajqKCCoE
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=a2y362lt5rVzPLrkZ2yu4m84uuRzbLSwajqKCCoE&apid=1A75d0a588-504a-11ea-a942-1222202f268e

0
124 B

21ms
21ms

Image
text/plain

35.157.167.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=a2y362lt5rVzPLrkZ2yu4m84uuRzbLSwajqKCCoE&apid=1A75d0a588-504a-11ea-a942-1222202f268e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.167.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-167-170.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Sat, 15 Feb 2020 23:25:35 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Sat, 15 Feb 2020 23:25:35 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=a2y362lt5rVzPLrkZ2yu4m84uuRzbLSwajqKCCoE&apid=1A75d0a588-504a-11ea-a942-1222202f268e
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 prebid
bh.contextweb.com/visitormatch/ Frame 2857 49 B
565 B 41ms
21ms Image
image/gif 74.214.194.139
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/visitormatch/prebid

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.214.194.139 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
status: 200
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-6c55bfb4dd-rqjl6
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/56465/ Frame 2857
Redirect Chain

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1A75d0a588-504a-11ea-a942-1222202f268e

0
124 B

65ms
21ms

Image
text/plain

35.157.167.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1A75d0a588-504a-11ea-a942-1222202f268e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.167.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-167-170.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Sat, 15 Feb 2020 23:25:35 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Sat, 15 Feb 2020 23:25:35 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1A75d0a588-504a-11ea-a942-1222202f268e
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2857 70 B
264 B 57ms
38ms Image
image/gif 52.215.180.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.180.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-180-197.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:35 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55965/ Frame 2857
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=0_Y9FNH3bErLpmpN1_IkGN-rORrL8D0Y1_EDAEYt
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=0_Y9FNH3bErLpmpN1_IkGN-rORrL8D0Y1_EDAEYt&apid=1A75d0a588-504a-11ea-a942-1222202f268e

0
124 B

21ms
21ms

Image
text/plain

35.157.167.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=0_Y9FNH3bErLpmpN1_IkGN-rORrL8D0Y1_EDAEYt&apid=1A75d0a588-504a-11ea-a942-1222202f268e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.167.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-167-170.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Sat, 15 Feb 2020 23:25:35 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Sat, 15 Feb 2020 23:25:35 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=0_Y9FNH3bErLpmpN1_IkGN-rORrL8D0Y1_EDAEYt&apid=1A75d0a588-504a-11ea-a942-1222202f268e
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 prebid
bh.contextweb.com/visitormatch/ Frame 88EA 49 B
384 B 21ms
19ms Image
image/gif 74.214.194.139
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/visitormatch/prebid

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

74.214.194.139 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
status: 200
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-6c55bfb4dd-rqjl6
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 88EA 70 B
264 B 40ms
38ms Image
image/gif 52.215.180.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: http://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.180.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-180-197.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 15 Feb 2020 23:25:35 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H2

204

sync
ups.analytics.yahoo.com/ups/56465/ Frame 88EA
Redirect Chain

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1A75d0a588-504a-11ea-a942-1222202f268e

0
124 B

21ms
21ms

Image
text/plain

35.157.167.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1A75d0a588-504a-11ea-a942-1222202f268e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.167.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-167-170.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Sat, 15 Feb 2020 23:25:35 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Sat, 15 Feb 2020 23:25:35 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=&apid=1A75d0a588-504a-11ea-a942-1222202f268e
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55965/ Frame 88EA
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=0_Y9FNH3bErLpmpN1_IkGN-rORrL8D0Y1_EDAEYt
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=0_Y9FNH3bErLpmpN1_IkGN-rORrL8D0Y1_EDAEYt&apid=1A75d0a588-504a-11ea-a942-1222202f268e

0
124 B

21ms
20ms

Image
text/plain

35.157.167.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=0_Y9FNH3bErLpmpN1_IkGN-rORrL8D0Y1_EDAEYt&apid=1A75d0a588-504a-11ea-a942-1222202f268e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.167.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-167-170.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.orlytaitzesq.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Sat, 15 Feb 2020 23:25:35 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Sat, 15 Feb 2020 23:25:35 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=1&uid=0_Y9FNH3bErLpmpN1_IkGN-rORrL8D0Y1_EDAEYt&apid=1A75d0a588-504a-11ea-a942-1222202f268e
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 11:42:41	Name: VISITOR_INFO1_LIVE Value: kS9cspQAYDo
.youtube.com/	1970-01-19 07:23:30	Name: GPS Value: 1
.orlytaitzesq.com/	1970-01-19 16:10:31	Name: __auc Value: 6f20552d1704b2bdc1025314311
.orlytaitzesq.com/	1970-01-19 07:23:30	Name: __asc Value: 6f20552d1704b2bdc1025314311
.orlytaitzesq.com/	1970-01-19 07:23:30	Name: __utmb Value: 209516236.1.10.1581809130
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Yb3AaKPONb8
.orlytaitzesq.com/	1970-01-19 07:23:29	Name: __utmt Value: 1
.orlytaitzesq.com/	1970-01-20 00:54:41	Name: __utma Value: 209516236.221892569.1581809130.1581809130.1581809130.1
.orlytaitzesq.com/	1969-12-31 23:59:59	Name: __utmc Value: 209516236
.orlytaitzesq.com/	1970-01-19 11:46:17	Name: __utmz Value: 209516236.1581809130.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a659604d8e9248bb8d772dd9a43246862.profile.hio50-c2.cloudfront.net
ads3.mthsense.com
adserver.adtech.advertising.com
adserver.adtechus.com
adservice.google.be
adservice.google.com
adservice.google.de
api.lanistaads.com
bh.contextweb.com
bid.contextweb.com
buttons.googlesyndication.com
certify.alexametrics.com
cloudfront-labs.amazonaws.com
d2tbmvllb55wxq.cloudfront.net
d31qbv1cthcecs.cloudfront.net
fastlane.rubiconproject.com
fs.gweini.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
match.adsrvr.org
orlytaitzesq.com
pagead2.googlesyndication.com
pbs.twimg.com
pixel.advertising.com
pixel.quantserve.com
platform.twitter.com
s.gweini.com
s.yimg.com
securepubads.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us.i1.yimg.com
www.google-analytics.com
www.googletagservices.com
www.netvibes.com
www.orlytaitzesq.com
www.paypal.com
www.paypalobjects.com
www.petition2congress.com
www.thegatewaypundit.com
www.youtube.com
104.244.42.136
13.224.197.70
13.225.78.28
143.204.94.125
143.204.94.77
151.101.12.157
151.101.14.133
152.199.21.35
152.199.21.89
172.217.22.2
185.64.189.112
193.189.143.34
23.210.248.226
2606:2800:134:1a0d:1429:742:782:b6
2606:4700:20::681a:aaa
2a00:1288:f03d:1fa::2000
2a00:1450:4001:806::200e
2a00:1450:4001:808::2001
2a00:1450:4001:80b::200e
2a00:1450:4001:815::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:820::2004
34.224.175.58
35.157.167.170
35.173.95.229
35.209.63.6
37.252.173.22
40.84.148.247
52.215.180.197
52.57.106.47
54.209.86.7
54.240.172.10
69.173.144.140
72.21.202.25
74.214.194.133
74.214.194.139
91.228.74.169
01477f6ccbc3484283dbba1f6f57b3a849b3b2ace00588213270d9ce9554703c
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0630637c1d2b309e9e1eec0755b10affe7d265890cbc467bf733c554cab8bb75
06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88
070d4dea9892475272d9fa96611644f5cdb3abdc8bc1e5124e80ad7c8daca3ba
0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8
0e7a1f5f46bcd6a759131b5146918ed48f03dec9b937c5dfbc5d13bfc94fc4bc
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
163751a90018d686f4631e72fe3ffb8133a3e9a548b6a4372bdc5dd3a9d5f906
1665506ab8c83c485ed0a0b961e152b4208458f871b04399ffc5018baf316200
1a4dee2269258e980cfbc6965cca52520d51b0cf399cef6218e123c7620cafdc
1d001ffd8d372613954fdc500d03d6e0c0149dad92455fbde0bb1ecb93f2702b
1d68fb29bbb1da59354b9e0fe7639644a42e13d9e0381005f2b15f801916a24a
1d7ff730ef94e3bda71e5a01a1bb63ad7ae2d92baf3b053cd2a5056e6ed71416
1e433519d956006c715d549cd37ddf3d807e34356e238dc98e80df2b8d0a71bb
1e683c72bedcd3f2378224f28221593f6af0647bb36489c66c02b7ef0afafc55
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
21c4026c2095492e493a113f1774b3a13cf30e19a93a3e346023aa498e750a53
28d62547b15838d078fb7389195fe691c19e7ae938a388b3c5800fdab1cd7e38
28d76f867bf1d931ef2073f8b87f297cbfd2b4477258d67f029d7f3ba8bae58e
2bb10c6a7794ebf8dd38b18ed6f8bc1b20bd329a358dbd14e1094e13a30e3d7d
2bbe4d4e1a168926c878be73ce8e09b71e70f3823575de43e0623a4e2dfb609d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ef3c331d5dd8cfd7cd4fa8afc1f482b8ba4a8e00a8e110ae7f70e0a6a8e5fe2
2f17ce8bab06450f044c8e5a7867bf0d05ec724fa0bfed2e633488d5633ba9d6
37793007ece21aec21516a43c2dbee50c5a8223738edd30fc1c1cb0533a347e9
38eed7909397a5461226a98fa5f915b03658ea25061fb3d8ba73ca687eb76e4c
39387ba8fdcd8ed6985a9e6752afe1669f60eaf13bedcf8c3cf968049d1a4f38
3c501d6cfb12b6f49c1e49f20852444ce49e02d48c4f43f55963e950f782a0ec
3de49cf7492fffe7e8e068d554a2d6daccf8ab8dd9d14b01dc093111dddde3f4
42434e578691eac8c007f427b49b962990dd16f8a004acda3a7b2621ac5498d2
4fef72bbf954883510edf5344dda10f894f2a64cfdff4a3d037b2de76370c71a
51269386926cfc97525fdc4d55317d70f3664d65a4c13e4eef95e2ba0d72f734
51306b94354b978995db93f41f35703be797c4ae698013ffac3a20810d1947ae
55084a8b55b1a339eef4b0b3c8144b48bd1f63dff4099704e8b598601c0b5d47
595185e8c2266b939f3cc83df406c3f5312e7f5b5871e40ed8e96e13759e444a
5bc468ae726c4a72f464dfacef0d9d5d47ac034c1c84c0d75a75406f07e55858
5bf4f0187f8b56b1ecd95eb89dc1cd74ce4c54c9abc47899b2eaa0370b5fff19
63a40a9e3989f9099e213206f645aef32d9c041b8fe0a5016999f1701aa76c0c
71e0d47a9f2ac448d065aaee41e4d13e6cb564d3e4d22eff2ec8630106324399
763fd8be27755874d97df36c07a55674d6ff6b14c4f206a281f7a4df597ca5da
78be3ff1e2a180ed9b9603ebf05e20462300b221395fad02397be1553d06565c
78e0412848a676ef0f690b7aa8b47f9ff01d023f0a11a7b6f56a738164399c86
7fe5a0b02836ac823b358d3dc460a7c133fe356aa3db085d458a64afaf2cefd6
8062080c907cea505d90676611df18f37e4a3b381b67536b1d2fd8d284da61d9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84f5d2003b2ac0a86d10955d833be06c656505a5cc951442d8aa292d18e0069b
87ecb1f5bf30a4f019788a64ac0bc004176a28a539eb37bef3db06e1e44e0351
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bd58e04a6241a4b4e7af76e95b37e5903d0008f80ec81926b907eaa8550e458
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ede857346e9c519245071cb9a626b4d178d48f4ce39d1b233af284c66d8f5a2
8fb0dbd66e3091dd62288e41c7cf318688f865c82235b9b20859f137616b8fb0
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
9754802a20e3f412075abbc5d8f1b794001b0cd8ac87441919231de900d818ea
98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3
983a4afed5784f11c2393ae863290f4dda4b3860c647d23b52e1d09c8d83d3cf
9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0
9e5c8419fde052e39010bbed36fb5bff5f0303ac8b81af4d3004b2f7a2b8ff3e
9f687a111a0aa3337d09a85c0a032f5c5a9bef169d91538917471aab775dbac4
9f90970621838df66e46611de4393b1c44b883666f9aff354c494c83bd0dd5b0
a3ef56776059c63a9cfc3942da96551853ab111d06ddb378a086c1ee77141283
a4911d821c9045a9df5cb794dae73e3fee1c922cc6f89ebb927547bf338153c9
a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756
a9882089c32b714173bdd245c0e724141a905f06e3f254af6e29527d728a08dc
ab4fb25eca1c647e5db3ffb3d8ba804484f15c7b92687f172a0ada3bc044719c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af39d3df384d2203268d0632a7ffdc69dbefd6bf1d23ee24ac552d5469e3d730
b1826a7019dde654654a9df41a108cc9b005cfe74a1f233e5517550e9be78201
b664ef8817f547a6910ae600ea85db4bded2986e4f369f9b7ae5047a0cc81b51
b73d4a41b76b1acc0796331a2630d5eef972a94183744384eb237161136945e9
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bb2282739e14d89938d9117cd4ab5bc9252e8f303ec91c8682956a72bb1128d7
be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4
c2d695ba0ba4d4818f44a8b4bb93bd22def1973a2bdb845e0c6b11dd7407e164
c52d8ecaada50da7a9739ca285872b431fad51042eccf398e2c2ecad8013880b
c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c
c60536e1387fd63f18755c87e9028bc138c1cb11fc77a64a159777aae49a12b5
cec0576649667442f929687c183661c292799cb7f46b8e846f80ac0aed007d74
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d5170d39a8b6b53a53cfbac8bd21bec78dd051bf94afd598d94e152b935cabec
d9ab4d66d758c1c98f75d9a386e2efea59838d4ea0d6fc956c1bd7a3889159e2
da2f2e14d9f154b226c2f343a8556357e6ec71fbbce057610dca046a420356a9
da5938edc872a3bb592689c64b4e09e5dad48fe5f280fc714636a0c405bcc0a4
dc8d52ba16a8441eeff66731ec05b9f0e3b7c72f323de71ba01af0e85d7360b5
dde0677c0b0db11379d66827895724d5fb5b196ecb1dc01c0dcfd920e0db094b
df090bcd78dc4d08ff54765ce2183abd8e8e4d7521ee8eeab725388a3fe81324
dfae362d9057097582b30f17ced2ae19a441d1b6ddf8e84761993f56de3e3527
e159a206a87beed7a6fe403f402c665c2d87940419d13cb0b49088255e9db114
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68b2d2efd1b7f25593795d295dece45a1f403e8768ca22a945114ca940c18e9
e9491131b778c4d4cac9571b0f9eaf975a13fc75035742941f35da0943ab96f8
ea9c45b329f37316ffec030f0914953fa25be8db65cdbc9a2b0a65b8213b8865
eac3021d12af1948bb737f365a9c94716f36da22cde3b5314c36f9dee2b81398
ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4ee009a24925f6617ea25066e34d260d1e5e22352183e261dd36961bb4dd35c
f7d59cd396f27c191d71c73f12b06c6b329045eba9da96fbb5c23e5449b45a1d
fbaa02863040d15c4410d572c4d213c2b8c75425279c5a01672c6ff86fd9d6c3
fd9385b2904c658a9fd6f6456f148310a7a77bd17537b71b42000cdf6f1ce164

www.orlytaitzesq.com Open in urlscan Pro 35.209.63.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

252 Requests

75 %HTTPS

24 %IPv6

32 Domains

43 Subdomains

34 IPs

7 Countries

3924 kBTransfer

7200 kBSize

10 Cookies

133 Outgoing links

Page URL History

Redirected requests

252 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.orlytaitzesq.com Open in urlscan Pro
35.209.63.6 Public Scan

Screenshot
Live screenshot

Full Image

252
Requests

75 %
HTTPS

24 %
IPv6

32
Domains

43
Subdomains

34
IPs

7
Countries

3924 kB
Transfer

7200 kB
Size

10
Cookies

252 HTTP transactions
8 data transactions